Trend Micro today announced the findings of its latest global Cyber Risk Index (CRI) for the second half of 2021, standing at -0.04, which is an elevated risk level with the Middle East and Africa (included under “all regions”). Respondents revealed that 76% of global organizations expect that they will be successfully attacked in the next 12 months.
The semi-yearly CRI report, conducted by Trend Micro and the Ponemon Institute, asked specific questions to measure the gap between respondents’ preparedness for attack and their likelihood of being attacked. the findings, threats that organizations were most concerned about globally are ransomware, phishing/social engineering, and denial of service (DoS). When it comes to IT infrastructure, organizations are most worried about mobile/remote employees, cloud computing, and third-party applications.
“Enterprises of all sizes will continue to have growing concerns on protecting their digital assets as the adoption of technological innovations increases and hybrid workplaces continue to present greater challenges,” said Dr. Moataz Bin Ali, Area Vice President and Managing Director, MEA, Trend Micro. “The evolving threat landscape can create a volatile and demanding digital environment, requiring smart risk management and preparedness with industry-leading solutions and foresight to protect every activity and device in the digital ecosystem. The CRI report acts as a guide offering valuable insight into how organizations in the region should prioritize the adoption of a robust security strategy to combat threat actors to secure their digital journeys going forward”
The report highlights the ongoing challenges many organizations have around securing the digital investments they made during the pandemic. Such investments were necessary to support remote working, drive business efficiencies and agility, and understand the corporate attack surface.
The highest levels of risk were around the following statements:
- My organization’s IT security function supports security in the DevOps environment.
- My organization’s IT security leader (CISO) has sufficient authority and resources to achieve a strong security posture.
- My organization’s IT security function strictly enforces acts of non-compliance to security policies, standard operating procedures, and external requirements.
The results from the report indicate that more resources must be provided to people, processes, and technology across the world to enhance preparedness and reduce overall risk levels.