- Sixty percent of respondents say recent global attacks, such as WannaCry have directly affected the way they have protected their own enterprise in the last six months.
- Respondents ranked ransomware as the most concerning with 28 percent of respondents selecting this type of threat, and system compromise ranked second with 21 percent. As the WannaCry attack crippled global systems, the positioning of ransomware as the top CISO concern is understandable and gives a clear indication of current threat landscape awareness for this first Cyber Benchmarks Index.
- 44 percent of respondents have focused on increasing their ability to respond to both ransomware and DDoS, confirming that priorities for CISOs are avoiding both ransom requests and website disruption.
When asked if criminals were increasingly behind threats, 49 percent of respondents thought they were. When asked if they thought threats from unknowns were on the increase, 38 percent of respondents agreed. Responses from future surveys will reveal how the perception of the threat landscape changes over time, and currently show that threats are thought to be increasing most from the world at large (58 percent) and least from within a CISO's own company (30 percent)."Understandably, security professionals have their finger on the pulse of the threat landscape, with the survey responses demonstrating their clear knowledge of attacks and attackers. Tracking who respondents think attackers are and where attacks come from will be interesting, as we will be able to see how global events and news headlines might, or might not, influence the answers," continued Rodney Joffe, "If news stories about election rigging lead to a rise in nation/state actors being considered a threat, then this will show up in the Cyber Benchmarks Index and provide a valuable regular touchpoint to take the industry temperature on cybersecurity. The results from this first survey taken in May 2017 have produced an initial index of 6.5, which is slightly elevated. Over the coming survey periods, we will track the rise and fall of concerns which will obviously be affected by both external events, and concerns internal to respondents' organisations." The survey was conducted, on behalf of Neustar, by respected, independent market research agency, Harris Interactive. Director of Technology at Harris, Lee Langford, commented that, "The initial findings of this unique survey reflect a genuine concern about the threat landscape on the part of cybersecurity professionals across EMEA, and we look forward to working with the Neustar International Security Council to track security executives' opinions and concerns in this dynamic environment." The Neustar International Security Council is an elite group of select cybersecurity leaders from key industries and companies, including business managers and senior directors, CTOs and other professionals with a security remit. Through face-to-face events including an annual summit, quarterly thought-leadership seminars and regional roundtables, members learn and share the latest trends from leading experts and peers. For more information: https://www.nisc.neustar/. NISC Cyber Benchmark Index methodology In May 2017, 290 interviews were completed across 11 countries: France, Germany, Italy, Spain, UK, Austria, Czech Republic, Netherlands, Russia, Switzerland and Ukraine. Survey respondents hold senior positions such as CTO, Director of IT and Security Consultant including business managers, senior directors, CTOs and other professionals with a security remit.
The Index figure is calculated using a number of questions that are to be repeated in every survey and tracked over time to create an index that is both stable but also sensitive to changes in the cybersecurity landscape. An initial figure is taken from the percentage of enterprises that say notable recent cyber events have directly affected the way they protect their business. This figure is multiplied by the average "net increase" percentages from across three separate questions (one which indicates how the threat of attack by various vectors has changed) (one which indicates how the risk of attack from various actors has changed) and (one which indicates how the threat landscape has changed).Finally, Neustar multiplies the resulting figure by the percentage of enterprises that have ever been on the receiving end of a DDoS attack. ### About Neustar Every day, the world generates roughly 2.5 quadrillion bits of data. Neustar (NYSE: NSR) isolates certain elements and analyzes, simplifies and edits them to make precise and valuable decisions that drive results. As one of the few companies capable of knowing with certainty who is on the other end of every interaction, we're trusted by the world's great brands to make critical decisions some 20 billion times a day. We help marketers send timely and relevant messages to the right people. Because we can authoritatively tell a client exactly who is calling or connecting with them, we make critical realtime responses possible. And the same comprehensive information that enables our clients to direct and manage orders also stops attackers. We know when someone isn't who they claim to be, which helps stop fraud and denial of service before they're a problem. Because we're also an experienced manager of some of the world's most complex databases, we help clients control their online identity, registering and protecting their domain name, and routing traffic to the correct network address. By linking the most essential information with the people who depend on it, we provide more than 11,000 clients worldwide with decisions—not just data. More information is available at https://www.neustar.biz