The year 2017 could be a pivotal moment for cybersecurity in Europe. And that’s thanks to two things: alleged state-sponsored interference in forthcoming national elections in the region, and looming European data protection laws. Both have escalated the issue of online threats and data security right up to board level, in Europe and the U.S. But what happens once it’s there? When it comes to all things cyber, knowledge is power.
So Trend Micro decided to find out what’s happening on the IT frontline, by polling more than 2,400 decision makers. The resulting country-level reports offer a vital snapshot into the extent of the cyber threat facing organizations across the U.S. and Europe, where IT leaders believe they are most exposed, and how they are using advanced security to fight back.
Attack after attack
Nearly two-thirds of IT leaders we polled said they’d suffered a known major attack over the past 12 months – proof if any were needed of the extent of the threat facing organizations from cyberspace. In fact, they were attacked on average four times – although the figure varied significantly, between the Nordics at the low end and Italy, where firms suffered eight on average.
Of those four attacks, three were ransomware – still plaguing U.S. and European organizations despite the best efforts of the white hats to educate businesses on threat protection. Phishing (31%), business email compromise (17%) and cyber espionage (15%) were the next biggest threats last year.
But more importantly, where do IT leaders believe the main threats will come from in 2017? Cyber espionage (20%), topped the list. Could this be a reaction to the wall-to-wall media coverage of alleged state-sponsored interference in the U.S. and upcoming European elections? It’s certainly a growing threat, both in terms of nation state spying and financially motivated cybercrime. Targeted attacks and phishing came next – linked both to each other and to cyber espionage, which is mostly targeted in nature. It seems that organizations are still struggling to get to grips with covert attacks designed to slip under the radar of traditional defenses.
All the experts agree that if a hacker is determined enough they will be able to scale any perimeter wall to get inside your network. The key therefore is to build resilience into your security so you’re able to spot when they do get in as soon as possible, minimizing the potential fall out.
That requires layer upon layer of defense – optimized so the right layer will mitigate the right threat at the right time.
Securing the future
The good news is that two-thirds of European and U.S. IT bosses are using advanced tools like behavioral analytics and machine learning – although the figure drops down to 29% in Sweden and up to 78% in the U.S. But importantly, they’re not using them for the sake of it – three-quarters think these tools and techniques are effective in stopping cyber attacks and more than half actually believe they will make the job of IT professionals easier going forward.
So, what of the future? There was a huge disparity between those IT leaders most confident they understand the challenges facing their organization (France, 92%) and those who were not (Sweden, 56%). But that could be a reflection of many things – not least how much visibility into systems, and therefore insight into the scale of the challenge, they have.
What most respondents did agree on, however, was that the most value to their organization will come from seeking out a vendor able to integrate multiple layers of security – including advanced tools – in a single platform. As European and U.S. organizations brace for the General Data Protection Regulation in May 2018, it’s reassuring that so many are heading in the right direction.