Trellix and the Center for Strategic and International Studies (CSIS) have just released a global cybersecurity report, In the Crosshairs: Organizations and Nation-State Cyber Threats. Based on Vanson Bourne research, the insights are pulled from a survey of 800 global IT decision makers from a variety of industries, specifically critical infrastructure.
The report gauges the perceptions of cyberattacks believed to be the work of nation-states or proxy groups acting on their behalf. It also outlines cybersecurity infrastructure gaps recognized by IT professionals and the most highly detected state-backed threat activity. 86% of respondents believe they have been targeted by cyberattacks conducted by a group acting on behalf of a nation-state. The risk to organizations is significant, with the average nation-state-backed cyberattack costing an estimated $1.6 million per incident, according to respondents.
Other notable insights from the report include:
- Only 27% say they have complete confidence in their ability to identify nation-state cyberattacks, and only 10% say they have a comprehensive cybersecurity strategy
- More than 90% say they are willing to share information on attacks publicly, but not always with full details of the attack or its effect
- 30% of organizations rely on the press to determine that a nation-state is behind a cyber incident
The report found Russia and China among the most likely suspects of being behind successful cyberattacks resulting in data loss, service disruption, and industrial espionage, which led to significant costs to the organizations attacked.
“As geopolitical tensions rise, the likelihood of nation-state cyberattacks rises as well,” said Bryan Palma, CEO of Trellix. “Cybersecurity talent shortages, outdated IT infrastructure, and remote work are the greatest challenges in today’s operating environment. Organizations must improve their automation, remediation, and resiliency capabilities to defend against increasingly sophisticated attacks.”
“Nation-states and their criminal proxies are some of the most dangerous cyber attackers because they are capable, best resourced and extremely persistent,” said James Lewis, senior vice president and director, Strategic Technologies Program for CSIS. “It’s not surprising that nation states, particularly China and Russia, are behind many of the cyber-attacks organizations experience; what is surprising is that 86 percent of respondents in this survey believe they have been targeted by a group acting on behalf of a nation-state, and only 27 percent are completely confident in their organization’s ability to recognize such an attack in contrast to other cyberattacks.”