Carbon Black releases latest Global Threat Report

Carbon Black has released the results of its second Global Threat Report, based on a survey of 2012 CIOs, CTOs and CISOs across eight countries. The results show that the threat environment is sustained as attacks continue to grow in sophistication and complexity.

Key global research findings from the responses of the surveyed businesses:

• 88% of global businesses reported suffering a data breach in the past 12 months
• 84% of global businesses reported an increase in cyberattacks in the last 12 months
• 81% of global businesses said cyberattacks have grown more sophisticated
• 92% of global businesses have concerns around digital transformation projects and 5G
• 79% of global businesses are more confident in their ability to repel cyberattacks than they were 12 months ago
• 89% of global businesses said that threat hunting has improved their defences
• 90% of global businesses said they have plans to increase their security budget

Rick McElroy, Head of Security Strategy at Carbon Black, said: “As we analyse the findings of our second Global Threat Report, it appears businesses are adjusting to the ‘new normal’ of sustained and sophisticated cyberattacks. Greater awareness of external threats and compliance risks have also prompted businesses to become more proactive about managing cyber risks as they witness the financial and reputational impacts that breaches entail.”

The latest report from Carbon Black found that 88% of the global businesses surveyed were breached in the past 12 months, of which one in three (32%) have been breached between three and ten times.

Phishing was found to be the primary cause of successful breaches amongst the surveyed global businesses, closely followed by ransomware attacks, indicating threat actors are targeting the weakest link in the security chain – end users.

44% of global businesses surveyed noted a degree of financial damage associated with breaches, with 12% saying the damage was severe. In contrast, 75% said they suffered damage to their corporate reputation. Reputational damage was felt most in the manufacturing and engineering sector, with 42% reporting severe negative impact.

Defender confidence is on the rise

Participating global businesses reported feeling more confident in their ability to repel cyberattacks than they did 12 months ago. 79% of global companies said they feel more confident and 37% said they feel a lot more confident.

McElroy said: “As the cyberdefence sector continues to mature, businesses are becoming more aware of the tools at their disposal and the tactics they can use to combat cyberattacks. We believe this growing confidence is indicative of a power shift in favour of defenders, who are taking a more proactive approach to hunting out and neutralising threats than previously.”

This is underlined by the 89% of global businesses surveyed who reported seeing their defence strengthened through threat hunting and 81% who found evidence of malicious cyberattack activity during hunting exercises. Recognition of cybersecurity investment benefits is further supported by the fact that 90% of the global businesses said they plan to increase cybersecurity budgets in the next 12 months.

Concern about digital transformation, 5G rollout and cyber skills shortages

When asked about the security around the implementation and management of digital transformation programs and 5G rollout, 92% of surveyed global businesses said they had concerns. 46.5% of respondents suggested there would be more opportunities for cyberattack activity, while 38% said there was a risk of more effective and destructive methods of cybercrime.

A discussion of the results will be livestreamed at 5pm BST on Tuesday 1 October on the link here