CrowdStrike Global Survey reveals fear of state-sponsored and ransomware attacks pose danger of stifling future business growth in post-COVID-19 world

CrowdStrike (Nasdaq: CRWD), a leader in cloud-delivered endpoint and workload protection, today announced the release of the 2020 CrowdStrike Global Security Attitude Survey, produced by independent research firm Vanson Bourne. This year in particular, the report revealed continued proliferation of ransomware, heightened concerns around nation-state actors, and the need for acceleration of both digital and security transformation.

Proliferation of ransomware leads to more frequent payouts, costing millions

Survey data indicates ransomware attacks have proven to be especially effective, as more than half (56%) of organisations surveyed have suffered a ransomware attack in the last year. The COVID-19 pandemic catalysed increasing concerns around ransomware attacks, with many organisations resorting to paying the ransom. The global attitude shifts from a question of if an organisation will experience a ransomware attack to a matter of when an organisation will inevitably pay a ransom. Notable findings include:

• Concern around ransomware attacks continues to increase, with the stark increase in this year’s findings (54%) compared to 2019 (42%) and 2018 (46%).
• Seventy-one percent of cyber security experts globally are more worried about ransomware attacks due to COVID-19.
• Among those hit by ransomware, 27% chose to pay the ransom, costing organisations on average $1.1 million USD owed to hackers.
• The APAC region is suffering the most when paying the ransom with the highest average payout at $1.18 million USD, followed by EMEA at $1.06 million and the US at $0.99 million.

Fear of nation-state cyber attacks can stifle business growth in post-COVID-19 world

Nation-state activity continues to weigh heavily on IT decision-makers, as 87% of respondents agree that nation-state sponsored cyber attacks are far more common than people think. As growing international tensions and the global election year have created a nesting ground for increased nation-state activity, organisations are under increased pressure to resume operations despite the increased value of intellectual property and vulnerabilities caused by COVID-19.

Key highlights include:

• Even with the massive rise in e-crime over the course of 2020, 73% believe nation-state sponsored cyber attacks will pose the single biggest threat to organisations like theirs in 2021. In fact, concerns around nation states have steadily increased, as 63% of cyber security experts view nation states as one of the cyber criminals most likely to cause concern, consistently rising from 2018 (54%) and 2019 (59%).
• Eighty-nine percent are fearful that growing international tensions (eg, US-China trade war) are likely to result in a considerable increase in cyber threats for organisations.
• Approximately two in five IT security professionals believe a nation-state cyber attack on their organisation would be motivated by intelligence (44%) or to take advantage of vulnerabilities caused by COVID-19 (47%).

Digital and security transformation accelerated as business priority

In the wake of these threats, cyber security experts have accelerated their digital and security transformation efforts to address the growing activity from e-crime and nation state actors. While spend on digital transformation continues to trend upward, the COVID-19 pandemic accelerated the timeline for many organisations, costing additional investment to rapidly modernise security tools for the remote workforce. Security transformation roll-out findings include:

• 61% of respondents’ organisations have spent more than $1 million on digital transformation over the past three years.
• 90% of respondents’ organisations have spent a minimum of $100 000 to adapt to the COVID-19 pandemic.
• 66% of respondents have modernised their security tools and/or increased the roll-out of cloud technologies as employees have moved to work remotely.
• 78% of respondents have a more positive outlook on their organisation’s overarching security strategy and architecture over the next 12 months.

“This year has been especially challenging for organisations of all sizes around the world, with both the proliferation of ransomware and growing tensions from nation state actors posing a massive threat to regions worldwide,” said Michael Sentonas, chief technology officer, CrowdStrike. “Now more than ever, organisations are finding ways to rapidly undergo digital transformation to bring their security to the cloud in order to keep pace with modern-day threats and secure their ‘work from anywhere’ operations. Cyber security teams around the globe are making strides in improving their security posture by moving their security infrastructure to the cloud and remaining diligent in their incident detection, response and remediation practices.”

For additional information, please read the following:

• Report
• Blog
• Whitepaper

Methodology

Commissioned by CrowdStrike, the study surveyed 2 200 senior IT decision-makers and IT security professionals in the US, UK, France, Germany, Spain, Italy, Netherlands, Middle East, India, Japan, Singapore and Australia across major industry sectors. The report details the attitudes and beliefs of those in charge of cyber security, and tracks how they are faring against sophisticated and pervasive cyber attacks.