weaponAsset visibility and security company, revealed the findings Army’s State of Cyberwarfare and Trends Report: 2022-2023, which measured global IT and security professionals’ perceptions of cyberwarfare. It found that while 84% of UK organizations claimed they had programs and practices in place to respond to cyber warfare threats, only a third (32%) said their plans were validated by best practice frameworks, which is roughly below the global average. 40%. Additionally, 57% of UK organizations have halted or stalled digital transformation projects due to the threat of cyberwarfare – slightly higher than the global average of 55%.

The threat of cyber warfare is on the rise

Russian aggression in Ukraine has not only tragically upended the lives of countless people in a sovereign nation, but it is also causing geopolitical shocks of cyber warfare that will reverberate for the foreseeable future. Today’s goals go beyond the highest levels of opposition governments; Any organization with critical infrastructure and high-value organizations at the top of the list is a potential victim. The study shares responses from 6,000 respondents globally and across multiple industries including healthcare, critical infrastructure, retail, supply chain and logistics, and more.

The study showed that cyberwarfare was one of the lowest-ranked priorities for UK organizations – despite the majority of organizations (59%) agreeing that the threat of cyberwarfare has increased since the start of the Ukrainian conflict, and 62% claiming that it has to some extent or has. Very concerned about the threat of cyber warfare in their organizations. In the UK, for example, 42% of security professionals claim to have reported a cyber warfare incident to the authorities, which is significantly higher than the European average of a third of companies, but below the global average of 45%. A further 28% of UK organizations reported more threat activity on their networks in the last six months than in the previous six months.

See also  *WATCH ME APPLY* Bank of America Premium Rewards Credit Card

In addition, other UK findings noted by Armis:

Almost half (46%) of UK security professionals say they are reconsidering suppliers as a result of the Ukrainian conflict.

Almost three-fifths (57%) of UK security professionals support joining the Cyber ​​Defense League if the UK were to enter a cyber warfare conflict.

Almost one in ten (9%) UK companies spend less than 5% of their IT budget on cyber security, while the majority (43%) spend between 5-10%.

When it comes to paying for ransomware, almost a quarter (24%) of security professionals in the UK say they have an “always pay” policy, while a quarter (25%) have a “never pay” policy and only 31% will be Pay if customer data was at risk.

The UK has relatively high confidence in its government to protect against cyber warfare threats (77%), compared to a European average of 67% confident in its government.

What does this mean in light of the Network and Information Systems (NIS) regulations?

The majority of UK organizations either somewhat (46%) or strongly (25%) support extending NIS regulations to all businesses, while 27% are indifferent to the law. Historically, the NIS rules applied to operators of essential services and relevant digital service providers, but have since seen updates in the NIS2 iteration that also extend to “essential” services.

The study also examined the adoption of NIS by UK security professionals and found that only a third (33%) strongly agree that they have mapped their cyber security programs to NIS.

A further 78% of organizations somewhat (41%) or strongly (37%) agree that they review cybersecurity risks from immediate suppliers, with 34% strongly agreeing that they are able to address vulnerabilities in their supply chains. However, when broken down into industry sectors, OT sectors in the UK fell well below the baseline average of being able to confidently address supply chain weaknesses at 28%. Almost half (46%) of UK security professionals across all sectors say they are rethinking suppliers as a direct result of the Ukrainian conflict.

See also  Global Tariff Trends Report, Q4 2022: Explores Differences in 5G Mobile Pricing Across Operators - ResearchAndMarkets.com

“The first set of minimum requirements for NIS2 is to have an adequate risk analysis. This alone is a major issue for many critical or critical organizations, as risk analysis is based on an understanding of the critical assets that comprise the essential function, and for many organizations an up-to-date and accurate asset register either does not exist, outside of it. Dated or partially perfect,” said Andy Norton, European Cyber ​​Risk Officer at Armis. “Not only is it a house of cards to verify cyber security spending, it will be important for organizations to verify that their risk analysis is adequate and appropriate and in accordance with NIS2 legislation. The study indicates that UK organizations are taking some steps to comply with the new regulations and validate cybersecurity programs against best practice frameworks, but also that there is still significant room for improvement.”

For more information on the Army’s State of Cyberwarfare and Trends Report: 2022-2023, including availability of the full report, visit: https://www.armis.com/cyberwarfare/

methodology

Armis surveyed 6021 IT and security professionals at firms with more than 100 employees in the UK (1003), USA, Spain, Portugal, France, Italy, Germany, Austria, Switzerland, Australia, Singapore, Japan, Netherlands and Denmark. Those findings were gathered between September 22, 2022 and October 5, 2022 and depict the state of cyber warfare globally across various sectors and industries.

Source

By admin