Check out all the on-demand sessions from the Intelligent Security Summit here.
Since the beginning of the Russia-Ukraine war on February 24th 2022, anxieties over cyberwarfare have grown, with President Biden warning that Russian cyberattacks were “coming,” shortly after the invasion. Yet, many IT professionals aren’t as concerned over the impact of state-sponsored threats.
Today, attack surface visibility provider Armis released the State of Cyberwarfare and Trends Report: 2022-2023, surveying 6,000 IT professionals globally across multiple industries including healthcare, critical infrastructure, retail, supply chain and logistics, and found that 33% of global organizations aren’t taking cyberwarfare seriously.
These respondents remained indifferent or unconcerned about the impact of cyberwarfare on their business, in spite of the fact that more than half (54%) of respondents experienced more threat activity on their network between May and October 2022 than they did six months prior.
Above all, the research indicates that a substantial proportion of organizations need to be doing more to combat state-sponsored threats if they want to protect their critical data assets.
Intelligent Security Summit On-Demand
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.
Why aren’t organizations taking cyberwarfare seriously?
Armis’ research comes as the Russia-Ukraine geopolitical conflict continues to unfold and as nation-state threats continue to multiply. Microsoft found that the number of cyberattacks perpetrated by nation-states jumped from 20% to 40% between July 2021 to June 2022.
While many IT professionals remain ambivalent toward nation-state cyberattacks and may assume their business isn’t a priority target, Nadir Izrael, cofounder and CTO of Armis, argues that overlooking these threats is a serious mistake.
“It’s vital to the safety and success of businesses and their employees to take cyberwarfare seriously. In many cases, this apathy and nonchalance are likely due to denial and a lack of accountability. There’s also a difference between how an organization and its CISO views cyberwarfare versus how a regular person views cyberwarfare,” Izrael said.
Izrael suggests that regular people have a “false sense of security” as the concept of a state-sponsored attack affecting their organization is a distant idea.
“On the CISO side, this looks slightly different. It’s a combination of the above, as well as it being difficult to shake past concepts that CISOs can’t do anything to defend themselves against these types of attacks. It’s not something that’s insurmountable — it can be protected against. With cyberwarfare, there’s no time to waste because when those attacks hit, it can be completely destructive and difficult to bounce back,” Izrael said.
For organizations that are concerned about the risk of nation-state attacks, the report argues that having an incident response plan in place, as well as testing that plan periodically to identify weaknesses in the organization’s security strategy, is critical to protecting data against these threats.
In incidents where a breach does take place, “islanding,” or isolating infected machines from the rest of the network can help to contain the breach and avoid further damage to high-value data.
Other measures, like investing in security awareness training and implementing a backup solution with continuous monitoring and integrity checking, can help to mitigate other risks and increase the organization’s overall cyber resilience.