In today’s continuously evolving threat landscape, over half of European organisations (57%) feel it is easy for attackers to carry out their malicious plans without leaving any traces and would like to find out who is behind an attack (79% of respondents) – according to Kaspersky Lab’s latest survey[1]. On the other hand, being aware of the challenges cyber-investigators face in their job makes IT decisions makers from European organisations understand the level of expertise required to deal with them on a daily basis, with over half of respondents saying they would first turn to their security provider, after a cyberattack.
Considering the rise in the number and impact of cyberattacks affecting organisations – according to the same research, one-in-five (21%) IT decision makers from organisations say that the number of attacks on their organisations has increased over the last 12 months compared to the previous year – more than half of respondents think it is easy for cyber attackers to carry out an attack without leaving any clues – 57%, with UK and France registering figures above the average: 65%, respectively 64%.
Now more than ever, organisations face the difficult task of having to anticipate the attackers’ moves and reduce the attack surface, which sometimes proves too challenging to deal with for some of them. Thus, 20% of ITDMs admit that they haven’t been able to find out how the most recent cyberattack was possible, an indicator suggesting that they really need to reconsider their defence strategy.
Although most of the respondents – 68% – agree that cyber attackers are rarely caught and face trial in a court of justice, an even higher majority – 79% – would like to know who is behind an attack if their organisation is breached.
Being aware of the increasingly clever tactics used by threat actors to avoid detection, it comes as no surprise that the majority of IT decision makers (71%) from European organisations agree that attribution of cyberattacks is a complex task and attackers can only be uncovered by the best investigators.
Another indicator of the trust, people put in their cybersecurity solutions provider is the fact that more IT decision makers said that their organisation would first turn to their cybersecurity provider, rather than to a law enforcement agency: 51% versus 36%. The trust businesses have in their security provider was also confirmed by previous research, with 86% of businesses saying they trusted their provider to behave ethically in the collection and use of their data.
“The fact that organisations understand the complexity of investigating cyberattacks and turn to their security provider first after an attack is further proof that the steps towards transparency and accountability that the industry is making are leading in the right direction. However, a global framework for trust and integrity that applies to everyone is yet to be created in the cybersecurity industry. We strongly believe that the full potential of EU’s modern economy can only be realised with cooperation and trust between cybersecurity players and governments. Only together can governments and companies address cyberthreats effectively and allow for more attackers being caught and brought to justice. On the contrary, the lack of trust and cooperation among governments and private vendors coming from different countries favours nobody but threat actors who know and respect no border in their malicious actions”, declared David Emm, Principal Securtiy Researcher at Kaspersky Lab.
Kaspersky Lab’s Global Transparency Initiative was announced in October 2017, as a first step towards bringing more trust and transparency in the cybersecurity industry. It led to the opening of the first Transparency Center, where trusted partners can review our source and update code – in Zurich, last year. We also relocated elements of our infrastructure to Zurich and other steps of GTI are yet to be implemented.
Kaspersky Lab’s Global Research and Analysis Team (GReAT) is an unrivalled team of talented security professionals mastering the art of uncovering advanced targeted attacks, major malware, ransomware, cyber-espionage campaigns and sneaky underground cybercriminals in order to make the world a safer place for organisations and individuals. GReAT has investigated hundreds of cyberattacks, helping organisations and law enforcement agencies to deal with incident impact, response and investigations. Cooperation between GReAT and law enforcement agencies led to cyber attackers being caught and brought to justice, one of the most famous cases being that of CoinVault. Find out more about GReAT here.
Our experts provide advanced training programs which can help organisations improve their incident response tactics, as well as the ability to analyse malware and their digital forensics abilities.