Fifth Annual Report Surveys Perceptions and Buying Practices of 1,200 Information Security Decision Makers and Practitioners Across 17 Countries and 19 Industries
CyberEdge Group, a premier research and marketing firm serving the security industry’s top vendors, today announced immediate availability of its fifth annual Cyberthreat Defense Report. New this year, the report found that 55 percent of responding organizations were compromised by ransomware in 2017, down from 61 percent in 2016. However, respondents who were victimized by ransomware and who elected to pay the ransoms (customarily using Bitcoin) were asked if they successfully recovered their compromised data. Surprisingly, only half confirmed successful data recovery, while the other half acknowledged complete data loss.
With 1,200 IT security decision makers and practitioners participating from 17 countries, six continents, and 19 industries, CyberEdge’s Cyberthreat Defense Report is the most comprehensive study of security professionals’ perceptions in the industry. This study provides a 360-degree view of organizations’ security threats, current defenses, and planned investments.
The 2018 Cyberthreat Defense Report yielded dozens of additional insights into the challenges faced by IT security professionals today. Key findings include:
- Has the bleeding stopped? For the first time in five years, the percentage of organizations affected by a successful cyberattack decreased, from 79 percent in 2016 to 77 percent in 2017. Furthermore, the number of organizations victimized by six or more successful attacks fell from 33 percent in 2016 to 27 percent in 2017.
- Security budgets set new record. The percentage of organizations with rising IT security budgets hit an all-time high – from 48 percent in 2014 to 79 percent in 2018. The average IT security budget is rising 4.7 percent in 2018, which now consumes 12 percent of the overall IT budget.
- IT security skills deficit. For the first time in five years, lack of skilled personnel trumped low security awareness among employees as IT security’s greatest inhibitor to success. In 2018, four in five organization are experiencing an IT security skills shortage.
- Singing the cloud security blues. Nine in 10 organizations are experiencing cloud security challenges, with maintaining data privacy at the top of the list. • Containers—the new weakest link. Application containers (such as Docker, Cloud Page 2 of 3 Foundry, and Kubernetes) edge mobile devices as IT security’s new weakest link.
- Hottest security technologies for 2018. The IT security technologies most planned for acquisition in 2018 include: advanced malware analysis/sandboxing (network security), containerization/micro-virtualization (endpoint and mobile security), and API gateway (application and data-centric security).
“Got a coin? Flip it to see if you’ll get your data back after paying a ransom associated with ransomware. That’s just plain scary,” said Steve Piper, CEO of CyberEdge Group. “In 2017, 55 percent of our respondents’ organizations were victimized by ransomware. Of those victims that refused to pay the ransom (61 percent), the vast majority (87 percent) recovered their data from backups. This just underscores how important it is to incorporate a sensible data backup strategy as part of an organization’s cyberthreat defense strategy.”
“The 2018 Cyberthreat Defense Report is the result of one of the few independent surveys of security practitioners. While many leading vendors provide their own research of the cybersecurity space, it is important to supplement their findings and conclusions with unbiased research and analysis such as the Cyberthreat Defense Report,” said Richard Stiennon, chief research analyst at IT-Harvest, “The leveling off of the percent of respondents reporting breaches is a good sign, but at 77.2 percent, it is still very high and paints a picture of no end in sight for serious breaches in the coming years. I hope all security teams show this to their senior leadership.”
About the Cyberthreat Defense Report
In November 2017, 1,200 IT security decision makers and practitioners completed a 27-question online survey. Each participant was employed by a commercial or government entity with a minimum of 500 employees. Participants stemmed from 19 industries and 17 countries across six geographic regions, as follows:
- North America: United States and Canada
- Europe: United Kingdom, Germany, France, Spain, and Italy
- Asia Pacific: Australia, China, Singapore, and Japan
- Middle East: Saudi Arabia and Turkey
- Latin America: Brazil, Colombia, and Mexico
- Africa: South Africa
Winner of a 2017 Platinum MarCom Award for research excellence, the Cyberthreat Defense Report is designed to complement Verizon’s annual Data Breach Investigations Report, which evaluates the cyberthreat landscape and describes how threats are used to penetrate computer networks. This report assesses organizations' security posture, gauges perceptions about cyberthreats, and ascertains future plans for improving security and reducing risk. It provides deep insights into how IT security professionals perceive cyberthreats and what they’re doing to defend against them.
The 2018 Cyberthreat Defense Report was sponsored by several leading information security vendors, including:
- Platinum sponsors: Code42, Gigamon, Great Bay Software, Imperva, and Palo Alto Networks
- Gold sponsors: Fidelis Cybersecurity, Micro Focus, and Webroot
- Silver sponsors: CloudPassage, iovation, Illusive Networks, and Logsign
Report Available Now
The 2018 Cyberthreat Defense Report is available now through each of the above sponsors and by connecting to the CyberEdge Group website at http://www.cyber-edge.com/cdr.
About CyberEdge Group
CyberEdge Group is an award-winning research and marketing consulting firm serving the diverse needs of information security vendors and service providers. Headquartered in Annapolis, Maryland with three-dozen consultants based across North America, CyberEdge boasts more than 100 of the security industry’s top vendors as clients. The company’s annual Cyberthreat Defense Report provides information security decision makers and practitioners with practical, unbiased insight into how enterprises and government agencies defend their networks against today’s complex cyberthreat landscape. For more information, visit www.cyberedge.com.
The CyberEdge Group name and logo are trademarks of CyberEdge Group, LLC in the United States and other countries. All other trademarks and service marks are the property of their respective owners.
TransUnion Global Fraud & Identity Solutions unite both consumer and device identities to detect threats across markets while ensuring friction-right user experiences. The solutions, all part of the IDVision with iovation suite, fuse traditional data science with machine learning to provide businesses unique insights about consumer transactions, safeguarding tens of millions of transactions each day.