Trend Micro Incorporated, a global cybersecurity provider, has announced the results of its latest global Cyber Risk Index (CRI) for the second half of 2021, which stands at -0.04, which represents a high level of risk, with Europe at -0.15. Respondents revealed that 76% of global organizations believe they will be successfully attacked in the next 12 months, with 25% saying this is “very likely” and a slightly lower percentage (20%) among organizations European, this being 18% among Spanish companies; while the companies that see it as “likely” to be victims of an attack rises to 30% both among Spanish organizations and those from the rest of Europe (29%).
“To craft an effective cybersecurity strategy, organizations must master the art of risk management. This is where reports like the CRI can be a great resource to highlight areas of potential concern,” says Jon Clay, VP-Threat Intelligence at Trend Micro. “As threats to remote work and digital infrastructure persist, organizations must adopt a platform-based approach to optimize security while minimizing their security sprawl.”
The semi-annual CRI report asks targeted questions to gauge the gap between respondents’ preparedness for attacks and their likelihood of being attacked*.
In this report, 84% said they had suffered one or more successful cyberattacks in the last 12 months (29% in Spain), and more than a third (35%) said they had experienced seven or more (18% in Spain).
The threats of greatest concern globally are ransomware, phishing/social engineering, and denial of service (DoS), and the negative consequences of a breach are equipment theft or damage, the cost of external consultants/experts, and the loss of clients.
When it comes to IT infrastructure, organizations are most concerned with mobile/remote employees, cloud computing, and third-party applications.
This highlights the ongoing challenge that many organizations have around the security of the digital investments they made during the pandemic. Such investments were necessary to support remote working, drive business efficiency and agility, and understand the corporate attack surface.
“Organizations face demanding security challenges every day, from software vulnerabilities, data breaches, to ransomware attacks and more,” said Dr. Larry Ponemon, president and founder of the Ponemon Institute. “The semi-annual survey has been a great asset in assessing the rapidly evolving cyber risk landscape to help organizations improve security readiness and guide strategic planning.”
The highest levels of risk were around the following statements:
- My organization’s IT security function supports security in the DevOps environment
- My organization’s IT security officer (CISO) has sufficient authority and resources to achieve a strong security posture
- My organization’s IT security function strictly enforces noncompliance with security policies, standard operating procedures, and external requirements
This clearly indicates that more resources must be devoted to people, processes and technology globally to improve preparedness and reduce overall levels of risk.
- From this information an index value is calculated based on a numerical scale from -10 to 10, with -10 representing the highest level of risk. In this report, the CRI of Spain stood at -0.08 compared to -0.15 for Europe and -0.04 for the world, which indicates a high risk level.
Trend Micro CRI infographic attached for more details.
Eddie is an Australian news reporter with over 9 years in the industry and has published on Forbes and tech crunch.