The survey

The survey mainly consists of a short series of questions, focusing on the issues related to cyber security, tracked over time. Additionally, a current topic of interest is introduced each survey to get a fresh perspective.

The tracked questions used for the index this period:

1. Impact of cyber attacks

Companies nowadays face ever present application level threats via Botnets such as Mirai or the more recent Satori. Do you agree that a Web Application Firewall (WAF) is an essential component of your security infrastructure? Yes / No

2. Most threatening cyber threats

In the past two months (since 1 May 2020), which of these cyber threats have been of most concern to you? Please rank from 1 as the highest threat to 6 as the lowest.

Ransomware; System Compromise; DDoS; Insider threat; Intellectual property; Financial theft

3. Whether level of threat has changed

In the past two months (since 1 May 2020), how has the threat of attack to your organization by the following vectors changed? Increased / Stayed the same / Decreased

Generalized phishing; Spear phishing; IP address hijacking; DNS compromise; DDoS; Social engineering – email; Social engineering – phone; Social engineering – text; Extortion; Targeted hacking; Supply chain compromise – physical; Supply chain compromise – cyber; Vendor or customer impersonation; Ransomware

4. Ability to respond to threats

In the past two months (since 1 May 2020), how has your ability to respond to these threats changed? Increased / Stayed the same / Decreased

Generalized phishing; Spear phishing; IP address hijacking; DNS compromise; DDoS; Social engineering – email; Social engineering – phone; Social engineering – text; Extortion; Targeted hacking; Supply chain compromise – physical; Supply chain compromise – cyber; Vendor or customer impersonation; Ransomware

5. Whether level of attack has changed

In the past two months (since 1 May 2020), how has the risk of attacks from the following actors changed? Increased / Stayed the same / Decreased

Competitors; Social activists; Nation/state actors; Criminals; Insiders; Unknown

6. Whether threat landscape has changed for enterprise

In the past two months (since 1 May 2020), do you think the threat landscape as it relates to your enterprise for each area shown below has increased, remained the same, or decreased?

The world at large; EMEA; Your country; Your industry; Your company/organization

7a. Whether impacted by DDoS
Has your enterprise ever been on the receiving end of a DDoS? Yes / No

8a. Whether DDoS mitigation outsourced
Does your enterprise outsource your DDoS mitigation? Yes / No

8b. Speed of initiating DDoS mitigation
How long does it take before your enterprise is able to initiate DDoS mitigation? Within 60 seconds / Between 60 seconds and 5 minutes / Longer than 5 minutes

Questions of the month

Q1a. How significant a threat is the rise of misinformation to your enterprise?

Very significant, Moderately significant, Mildly significant, Not very significant

Q1b. At present, how confident are you in your organization’s ability to successfully identify misinformation and/or fake domains?

Very confident, Moderately confident, Mildly confident, Not very confident

Q1c. In the next 6 months, does your organization plan to place a greater emphasis on its ability to respond to the rise of misinformation and/or fake domains?

Yes, we already have plans in place; Yes, but we don’t have plans in place just yet; Perhaps, if it continues to be an issue; No, it won’t be a focus for us

Q1d. Should the recent surge in misinformation and fake domains continue, do you think stricture measures need to be implemented on the Internet?

Yes, No