CrowdStrikeVanson Bourne Research Results – November 2020
2020 CrowdStrike Global Security Attitude SurveyInsights into security transformation and prevalent attack vectors
in a work from anywhere world
Headline to go here over a few lines.
202
2
2,200 senior ITDMs and IT security professionals were interviewed in August and September 2020, split in the following ways…
…by country …by sector …by respondent type
Showing respondent country [2,200] Within which sector is your organization? [2,200] Showing respondent type [2,200]
[Country, D2, D4]
400
200
200
200
100
100
100
100
300
200
100
200
US
UK
France
Germany
Spain
Italy
Netherlands
Middle East
India
Japan
Singapore
Australia
306
282
273
177
153
152
147
137
130
126
122
109
86
Financia l services and insurance
Manufacturing and production
Aerospace, automotive andengineering
IT services and technology
Healthcare
Energy, u ti lities, oi l and gas
Biotechnology and pharmaceuticals
Reta il
Public sector
Hospital ity, enterta inment, food, beverages andmedia
Transport
Telecoms
Business and professional services
11001100
Senior IT decision makers IT security professionals
Headline to go here over a few lines.
303
3
While ransomware and nation-state attacks are looming over organizations, their security posture over the coming months and years could have taken a positive turn as a result of the COVID-19 pandemic
The percentage of respondents’
organizations that have suffered a
ransomware attack in last 12 months
56%The average
amount, in millions of USD, that
organizations have had to pay when
paying the ransom demands of their
attackers
$1.1The percentage of
respondents who are more concerned about China than
they are about Russia delivering a devastating nation-state attack on their
organization
58%The percentage of respondents who believe that their
organization’s outlook, over the next
12 months, on its overarching
security strategy and architecture, is more positive now
as a result of the COVID-19 pandemic
79%The percentage of respondents who
agree that COVID-19 has proven to be a
catalyst for long-awaited approvals on
security upgrades
73%
[Q2, Q3a, Q9, Q16, Q22_6]
Headline to go here over a few lines.
404
4
1. The Proliferation of Ransomware
2. Nation-States Present a Huge Threat Regionally
3. The Need for both Digital Transformation and Security Transformation
4. The Changing Cybersecurity Landscape. Have Organizations Gotten Better at Response?
Four areas of interest:
Headline to go here over a few lines.
55
1. The Proliferation of Ransomware
Headline to go here over a few lines.
606
6
Concern levels around ransomware have seen the largest proportional increase of any cyberattack since 2019
Thinking about your organization’s IT security over the next 12 months, which of the following types of cyberattack are causing concern in your organization? [Base in chart] omitting some answers, split by historical data
[Q1]
54%53% 52%
43%
37% 37%32% 32%
29% 29%27%
42%
53%49%
42%
35%
29%33% 35%
28% 30%
24%
46%
57%
50%47%
42%
0% 0% 0%
33% 34%30%
Ransomware Generalmalware
Phishing/spearphishing
Passwordattacks
Advancedtargetedattacks
IOT attacks Mobile attacks ICS/SCADAattacks
Supply chainattacks
Denial ofservice
Fileless attackson endpoints
2020 total [2,200] 2019 total [1,900] 2018 total [1,300]
Headline to go here over a few lines.
707
7
The pandemic has had an obvious impact on respondents’ fears around ransomware attacks
How has COVID-19 influenced your view as a cybersecurity expert toward ransomware attacks? [2,200] omitting “Don’t know” answers (<1%), split by country
[Q4]
71%83%
79%78%
72%70%70%69%
68%66%
62%59%
50%
23%12%
17%19%
24%21%
26%23%
23%27%36%
34%45%
5%5%4%4%4%
8%5%
8%9%
7%2%
5%3%
TotalIndia
AustraliaUS
SpainMiddle East
FranceSingapore
JapanGermany
UKNetherlands
Italy
I am more worried about ransomware attacks now My view has not changed as a result of COVID-19
I am less worried about ransomware attacks now
Headline to go here over a few lines.
808
8
Approaching six in ten (56%) respondents work for an organization that has suffered a ransomware attack during the last 12 months
Has your organization suffered from a ransomware attack in the past 12 months (whether you actually paid the ransom or not)? [2,200] omitting “Don’t know” answers (1%), split by country
[Q2]
24%
36%
28%
28%
27%
24%
23%
22%
21%
21%
17%
14%
12%
33%
38%
32%
24%
29%
43%
23%
36%
38%
23%
23%
37%
27%
28%
13%
28%
30%
27%
23%
32%
29%
28%
38%
45%
34%
38%
15%
12%
13%
19%
16%
11%
21%
13%
12%
17%
14%
15%
24%
Total
India
France
Japan
Italy
Australia
Singapore
US
Germany
Netherlands
Spain
Middle East
UK
Yes – more than once Yes – but only once No – but we expect we will No – and we do not expect to
Headline to go here over a few lines.
909
9
While only 27% of respondents’ organizations paid the ransom when they suffered a ransomware attack, it cost them an average of $1.1 million (USD)
Which of the following actions did your organization take as a result of the ransomware attack(s)? [1,241] respondents from organizations that have suffered a ransomware attack in the last 12 months, omitting some answers
Showing the average amount, in millions of USD, that organizations had to pay as a result of the ransomware attack that they suffered in the last 12 months [331] respondents from organizations that paid the ransom to their ransomware attackers, split by region
[Q3, Q3a]
76%
65%
32%
27%
Upgraded our securitysoftware/infrastructure to reduce risk
of future attacks
Upgraded our security staff to reducerisk of future attacks
Attempted to negot iate with theattackers
Paid the ransom
$1.10
$1.18
$1.06
$0.99
Total
APAC
EMEA
US
Headline to go here over a few lines.
1010
2. Nation-States Present a Huge Threat Regionally
Headline to go here over a few lines.
11011
11
While it is generally believed that nation-state attacks go under the radar, there is a high level of concern on display among respondents about this attack type
Agree that nation-state sponsored cyberattacks
are far more common than most people think – this opinion is most common
(94%) among respondents from Japan
87%Believe that nation-state sponsored cyberattacks will pose the single biggest threat to organizations like theirs in 2021 – respondents from
India are most likely (90%) to display this attitude, while those from the
biotechnology and pharmaceuticals sector are the most likely (82%) of
any industry to report this belief
73%
[Q11_1, Q11_3]
Showing the proportion of respondents who agree with the following statements: “Nation-state sponsored cyberattacks are far more common than most people think” and “Nation-state sponsored cyberattacks will pose the single biggest threat to organizations like mine in 2021” [2,200]
Headline to go here over a few lines.
12012
12
Concern around nation-state attacks has risen steadily since 2018, likely resulting from high profile attacks that have targeted government elections in recent years
Thinking of all of the different types of cyberattackers who may target your organization, which concerns your organization the most? Combination of responses ranked first, second and third [Base in chart] omitting some answers, split by historical data
[Q5combi]
88%
74%70%
63%
88%
73% 74%
59%
89%
79%74%
54%
Cyber criminalsand eCrime
groups (f inanciallymotivated)
Hacktivists Insider threats Nation-states
2020 total [2,200] 2019 total [1,900] 2018 total [1,300]
Headline to go here over a few lines.
13013
13
China are more likely to be a concern than Russia when it comes to delivering a devastating nation-state attack, but the concern is much more balanced in the EMEA region
Hypothetically, which of the following countries are you more concerned about delivering a devastating nation-state attack on your organization? [2,200], split by region and country
[Q9]
58%71%
55%49%
79%69%
65%61%
59%53%
51%47%
46%45%
44%
37%25%
42%45%
19%23%31%
30%34%
39%39%
45%51%
50%53%
5%5%
3%7%
2%9%
5%9%
7%9%
10%8%
4%5%4%
TotalAPAC
USEMEA
IndiaJapan
AustraliaItaly
SingaporeFrance
Middle EastSpain
UKNetherlands
Germany
China Russia Don't know
Headline to go here over a few lines.
14014
14
Growing international tensions (e.g. US-China trade war) are likely to result in a considerable
increase in cyber threats for organizationsNation-states are now more motivated than ever to pursue attacks against organizations
My organization cannot rule out being the target of a nation-state sponsored cyberattack
by any government, including our own
Showing the proportion of respondents who agree with the above statements [2,200] split by country
[Q11_6, Q11_7, Q11_5]
83%89%88%
86%84%84%84%83%82%
81%76%
74%71%
TotalIndia
USSingapore
Middle EastAustralia
UKItaly
GermanyJapan
FranceNetherlands
Spain
89%95%92%91%91%91%
88%87%86%85%85%
79%79%
TotalIndia
UKMiddle East
SingaporeUS
AustraliaJapan
FranceSpain
GermanyItaly
Netherlands
81%92%
84%83%83%82%82%82%
78%76%75%75%74%
TotalSingapore
AustraliaIndia
USUK
FranceJapan
GermanyNetherlands
SpainItaly
Middle East
Headline to go here over a few lines.
15015
15
On average, respondents reported four separate reasons as to why an organization like theirs might be targeted by a nation-state sponsored cyberattack
What, do you feel, would motivate a nation-state to attempt a cyberattack against an organization like yours? [2,200] omitting some answers
[Q6]
51% 50%47%
44%
39% 37%
31%27%
25%
Access to valuablecustomer data
Financial/intellectualproperty (IP) gain
To take advantageof vulnerabilities
caused byCOVID-19
Intelligence (forinstance if an
organization makesa product for agovernment)
Tarnish the organization’s image
To provoke instability within the
organization’s country
For the attackersown (perceived)national security
Polit ical capital Revenge/retribution
Headline to go here over a few lines.
1616
3. The Need for both Digital Transformation and Security Transformation
Headline to go here over a few lines.
17017
17
61% of respondents’ organizations have spent at least $1 million (USD) on digital transformation over last three years, with the average spend approaching $5 million (USD)
Showing the average amount, in millions of USD, that organizations have spent on digital transformation over the past three years [2,200] split by country
[Q12]
$4.86
$6.84
$5.99
$5.78
$5.72
$5.15
$4.90
$4.76
$4.10
$3.86
$3.78
$3.66
$2.85
Total
Netherlands
Australia
US
UK
Singapore
Germany
Spain
Italy
France
India
Japan
Middle East
Headline to go here over a few lines.
18018
18
The vast majority of respondents’ organizations have accelerated their digital transformation plans as a direct result of COVID-19
To what extent has COVID-19 influenced the speed of your organization’s digital transformation? [2,200] omitting “Don’t know” answers (1%), split by country
[Q14]
84%95%
92%90%90%89%
85%84%
80%77%
74%74%74%
11%1%
7%6%7%
6%12%
15%15%
12%20%
24%20%
3%3%
2%3%3%
5%3%
1%4%
6%5%
1%5%
TotalMiddle East
AustraliaSingapore
USIndia
GermanySpain
FranceJapan
ItalyNetherlands
UK
We have accelerated our digital t ransformation as a result of COVID-19
Our digital transformation speed has remained roughly the same
We have slowed down digital t ransformation as a result of COVID-19
Headline to go here over a few lines.
19019
19
Modernizing security tools and increasing cloud rollout have been crucial to organizations in their response to the pandemic
What changes has your organization undergone in order to meet the challenge of the COVID-19 pandemic? [2,200] omitting some answers
[Q18]
45% 44%
35% 34% 33%
28% 27% 27%24% 23%
5%
Modernizing oursecurity tools
Increased rollout ofcloud technology as
more employeeswork remotely
Hiring andrecruitment has
been frozen
A temporary shift toremote working but
a return to theoffice in the
next 3-6 months
We’ve had to change and
evolve our security toolkit
A full-time shift toremote working
Deployment of newtechnology hasslowed down orpaused entirely
We’ve had to change and evolve
our products/services
We’ve had tolay-off/make
redundant some staff
Departmentshaving to ask for
increased budgets
We haven’t made any changes to
meet the challenge of COVID-19
Headline to go here over a few lines.
20020
20
Almost 80% of respondents’ organizations were let down in some way by technology when adapting to the COVID-19 pandemic
Were there any areas where your organization’s technology let it down when adapting to the COVID-19 pandemic? [2,200] omitting some answers
[Q21]
38%
32%
32%
31%
27%
27%
24%
22%
21%
IT Operations tools
Networking
Legacy security tools (e.g.firewall, antivirus)
Data storage
Modern/advanced security tools
AI
Useridentification/authentication
Analytics
There were no areas where ourtechnology let us down
Headline to go here over a few lines.
21021
21
It appears that the pandemic has kick-started organizations into action when it comes to spending in critical technology areas
Showing the percentage of respondents who report that their organization’s spending on security tools and cloud technology has accelerated as a result of the COVID-19 pandemic [2,200] split by country
[Q20]
76%
86%80% 79% 78% 78%
75% 73% 72% 71% 68% 66% 63%
73%77% 80% 79%
75% 75%
65%70% 71%
73%
67% 67% 68%
Total India US Australia Spain Middle East France Japan Singapore UK Italy Germany Netherlands
Security tools spending acceleration Cloud technology spending acceleration
Headline to go here over a few lines.
22022
22
90% of surveyed organizations have spent an additional $100,000 (USD) or more in order to adapt to the challenges posed by COVID-19, with the average spend being over $1 million (USD)
Showing the average amount of additional spending, in millions of USD, that organizations have had to do in order to adapt to the challenges posed by the COVID-19 pandemic [2,200] split by country
[Q19]
$1.05
$1.47
$1.30
$1.07
$1.05
$1.01
$1.01
$0.99
$0.87
$0.77
$0.76
$0.74
$0.73
Total
US
Netherlands
Singapore
Germany
Australia
India
UK
Japan
France
Middle East
Italy
Spain
Headline to go here over a few lines.
23023
23
An economic recession will clearly be bad news for organizations, particularly given that the majority of respondents believe that it is now harder for their organization to prevent an intruder reaching their objective
Has the COVID-19 pandemic and its subsequent impacts (lockdowns and remote working) had an effect on your organization’s abilities to prevent a cyberattacker/intruder from reaching their objective? [2,200] split by country
[Q22_1, Q28]
Believe that economic recession leads to
increased cybercriminal activity leveraged against
their organization – this belief is most common
(82%) among respondents from US organizations
74%
Showing the percentage of respondents who agree with the following statement: “Economic recession leads to increased cybercriminal activity leveraged against my organization” [2,200]
60%67%
63%63%63%62%61%
57%56%54%53%51%51%
27%14%23%26%
22%27%30%
30%32%
25%41%
36%36%
14%19%
14%11%
16%11%
9%13%13%
21%7%
13%13%
TotalIndia
AustraliaSpain
USJapan
FranceSingaporeGermany
Middle EastUK
ItalyNetherlands
It has become harder There has been no change It has become easier
Headline to go here over a few lines.
24024
24
Despite the raft of challenges that the pandemic has created, the majority of respondents believe that it will ultimately have a positive impact on their organization’s security strategy and architecture
Showing the percentage of respondents who believe that the COVID-19 pandemic has had a positive impact on their organization’s overarching security strategy and architecture for the next 12 months [2,200] split by country and respondent type
[Q16]
79%
89%
84%
83%
81%
78%
78%
78%
78%
76%
75%
73%
58%
84%
73%
Total
India
Spain
Netherlands
US
France
Germany
Middle East
Australia
Singapore
UK
Japan
Italy
Senior ITDMs
IT security employees
Headline to go here over a few lines.
2525
4. The Changing Cybersecurity Landscape. Have Organizations Gotten Better at Response?
Headline to go here over a few lines.
26026
26
There has been very little improvement in the average detection time of a cyber security incident in respondents’ organizations over the past year
The percentage of respondents who report that
it would take their organization more than one
minute to detect a cyber security incursion/incident
90%The average number of
hours respondents estimate that it would take their
organization to detect a cyber security
incursion/incident – this average is approximately
the same as the 2019 data, when the average was 120
hours
117
[Q23]
How long do you estimate that it would take your organization to detect a cyber security incursion/incident? [2,200]
Headline to go here over a few lines.
27027
27
More than half of respondents report COVID-19 has slowed down detection time of a cyber security incident in their organization
What impact, if any, would you estimate that COVID-19 has had on the average time that it takes for your organization to detect cybersecurity incursions/incidents? [2,200] omitting “Don’t know” answers (1%), split by country
[Q25]
8%9%
3%10%10%
7%2%
1%9%
12%12%
6%11%
19%16%
14%22%
30%10%
10%18%
21%21%
12%28%
23%
25%28%
23%20%
22%32%
21%33%
23%24%
27%18%
25%
27%26%
35%34%
25%29%
44%26%
19%13%
36%27%
23%
16%18%
15%8%8%
18%14%13%25%
25%8%
16%17%
5%3%
9%7%
5%4%
9%8%
1%4%
3%5%
3%
TotalUSUK
FranceGermany
SpainItaly
NetherlandsMiddle East
IndiaJapan
SingaporeAustralia
Detection time is a week or more slower Detection time is days slower Detection time is hours slower
Detection time has not changed Detection time is faster It’s too soon to say
Headline to go here over a few lines.
28028
28
Organizations appear to be up against it when it comes to faster detection of cybersecurity incidents
What is preventing your organization from detecting cyber security incursions/incidents faster? [2,200] omitting “Other” answers (1%)
[Q24]
37%
32%30% 29% 28% 27%
25%22% 22% 22%
18%
Focus is more onprevention and
perimeter securitythan detection
Cyberattackers arealways one step
ahead of us
We have legacyinfrastructure that is
a challenge toupgrade/secure
Lack of resourcesin the cyber
securitydepartment
We are havingtrouble hiring
professionals withthe right set of skills
Shadow ITprevents easy
detection
Our network is toofragmented with a
lack of visibility
Our cyber securitysolution is not
good enough atdetecting threats
Too manyincidents to keep
on top of
We have too manyvendors/solutions in
use
We don't knowenough aboutcyberattackers
(who, where, why?)
Headline to go here over a few lines.
29029
29
More than half of those surveyed expect COVID-19 to increase cybersecurity risk for their organization
What impact do you expect COVID-19 to have on cybersecurity risk for your organization from cyberattacks? [2,200] omitting “Don’t know” answers (1%), split by country
[Q17]
55%
66%
63%
61%
59%
58%
54%
53%
52%
51%
42%
40%
32%
24%
18%
30%
13%
18%
22%
28%
30%
36%
26%
24%
32%
46%
20%
16%
8%
25%
24%
19%
18%
17%
9%
24%
34%
28%
22%
Total
US
UK
India
Australia
Singapore
Japan
Spain
Italy
France
Middle East
Germany
Netherlands
Higher risk No change in risk Lower risk
Headline to go here over a few lines.
30030
30
The glimmer of hope for organizations is that the pandemic has lit a fire under them, and this will likely result in upgrades to their security infrastructure
Showing the percentage of respondents who agree with the following statement: “COVID-19 has proven to be a catalyst for long-awaited approvals on security upgrades” [2,200] split by country
[Q22_6]
73%
79%
79%
77%
74%
73%
73%
72%
71%
68%
67%
66%
64%
Total
US
India
Italy
Spain
Singapore
Australia
Middle East
UK
Netherlands
France
Japan
Germany
Headline to go here over a few lines.
31031
31
Thank you
To find out more, please visit:vansonbourne.com