Latest survey results – May 2021

The latest International Cyber Benchmarks Index™, for May 2021, is 47.1, maintaining the upward trend.

Level of confidence that all members of organization know the appropriate measures to take in the event of a ransomware attack

Less than three in ten (28%) are very confident that all members of their organization know the appropriate measures to take in the event of a ransomware attack, and a similar proportion (26%) lack confidence that this is the case.

Perceived sufficiency of guidance from government/official bodies and from existing cybersecurity technology in relation to ransomware attacks

Just over a third (35%) perceive guidance from government/official bodies to be insufficient and just over a quarter (26%) perceive existing cybersecurity technology to be insufficient.

Emphasis put on protecting organizations against ransomware threats and percentage of annual revenue willing to consider paying in the event of an attack

Majority of organizations have put more emphasis on ransomware protection after recent high profile attacks. Whilst 40% would not pay any ransom in the event of an attack, 1 in 5 would consider paying 20%+ of annual revenue.

Cyber threats ranked in order of level of concern

During March-April 2021, DDoS was the greatest concern followed by System compromise and then Ransomware.

How threat of attack by various vectors has changed

During March-April 2021, Ransomware, DDoS and Targeted hacking were most likely to be perceived as increasing threats to organisations.

How organisations’ ability to respond to threats has changed

During March-April 2021, organisations have focused most on increasing their ability to respond to Targeted hacking, DDoS and Vendor or customer impersonation.

How the risk of attack from various actors has changed

During March-April 2021, organisations have perceived the most likely increase in threats to be from Criminals and Unknown actors.

How threat landscape has changed

During March-April 2021, organisations have continued to perceive the threat landscape to be increasing most from the World at large and least from within their own company.

Whether respondents have ever been on the receiving end of a DDoS

78% of enterprises surveyed in May 2021 indicated that they have been on the receiving end of a DDoS attack at some time, up 1% on the previous reporting period*.

* Note that the sample composition changes from wave to wave which explains why the trend for this question can be down as well as up.

Whether survey respondents outsource DDoS mitigation

56% of enterprises surveyed in May 2021 outsource their DDoS mitigation, in line with the previous reporting period.

Length of time taken to initiate DDoS mitigation

In May 2021, enterprises were most likely to take between 60 seconds and 5 minutes to initiate DDoS mitigation, in line with previous reporting periods.