The survey

The survey mainly consists of a short series of questions, focusing on the issues related to cyber security, tracked over time. Additionally, a current topic of interest is introduced each survey to get a fresh perspective.

The tracked questions used for the index this period:

1. Impact of cyber attacks

Companies nowadays face ever present application level threats via Botnets such as Mirai or the more recent Satori. Do you agree that a Web Application Firewall (WAF) is an essential component of your security infrastructure? Yes / No

2. Most threatening cyber threats

In the past two months (since 1 March 2021), which of these cyber threats have been of most concern to you? Please rank from 1 as the highest threat to 6 as the lowest.

Ransomware; System Compromise; DDoS; Insider threat; Intellectual property; Financial theft

3. Whether level of threat has changed

In the past two months (since 1 March 2021), how has the threat of attack to your organization by the following vectors changed? Increased / Stayed the same / Decreased

Generalized phishing; Spear phishing; IP address hijacking; DNS compromise; DDoS; Social engineering – email; Social engineering – phone; Social engineering – text; Extortion; Targeted hacking; Supply chain compromise – physical; Supply chain compromise – cyber; Vendor or customer impersonation; Ransomware

4. Ability to respond to threats

In the past two months (since 1 March 2021), how has your ability to respond to these threats changed? Increased / Stayed the same / Decreased

Generalized phishing; Spear phishing; IP address hijacking; DNS compromise; DDoS; Social engineering – email; Social engineering – phone; Social engineering – text; Extortion; Targeted hacking; Supply chain compromise – physical; Supply chain compromise – cyber; Vendor or customer impersonation; Ransomware

5. Whether level of attack has changed

In the past two months (since 1 March 2021), how has the risk of attacks from the following actors changed? Increased / Stayed the same / Decreased

Competitors; Social activists; Nation/state actors; Criminals; Insiders; Unknown

6. Whether threat landscape has changed for enterprise

In the past two months (since 1 March 2021), do you think the threat landscape as it relates to your enterprise for each area shown below has increased, remained the same, or decreased?

The world at large; EMEA; Your country; Your industry; Your company/organization

7a. Whether impacted by DDoS
Has your enterprise ever been on the receiving end of a DDoS? Yes / No

8a. Whether DDoS mitigation outsourced
Does your enterprise outsource your DDoS mitigation? Yes / No

8b. Speed of initiating DDoS mitigation
How long does it take before your enterprise is able to initiate DDoS mitigation? Within 60 seconds / Between 60 seconds and 5 minutes / Longer than 5 minutes

Questions of the month

Q1a. Has your organization been the target or victim of a ransom-related DDoS (RDDoS) attack in the last 12 months?

Yes, No

IF YES AT Q1a: Q1b. Have you been targeted more than once?

Yes, No

IF YES AT Q1a : Q1c. Did you ever opt to pay the ransom?

Yes, No

Q1d. Has your organization been the target or victim of a ransomware attack in the last 12 months?

Yes, No

IF YES AT Q1d: Q1e. Have you been targeted more than once?

Yes, No

IF YES AT Q1d: Q1f. Did you ever opt to pay the ransom?

Yes, No

Q1g. Has confident are you in your organization’s knowledge of how to respond to a RDDoS attack?

Very confident, Somewhat confident, Not particularly confident, Not at all confident