A yearly global study of 2,800 IT professionals summarises the cyberthreat landscape over the past 12 months for a clearer view.

As the cyberthreat-ridden year draws to an end, various firms will be releasing summaries and analyses of all the attacks encountered by their incidence response teams.

One such report for 2020 is from Trend Micro Incorporated. Its latest Cyber Risk Index (CRI) has revealed that 23% of global organizations in their data had suffered seven or more attacks infiltrating networks or systems over the past year. The vast majority (83%) of organizations surveyed expected that such attacks were “somewhat” to “very” likely to be successful in the coming year.

The CRI is based on a numerical scale of -10 to 10, with -10 representing the highest level of risk. The current global index stands at -0.41, representing “elevated” risk, although risk is highest in the US (-1.07) due to a perceived lack of cyber preparedness compared to the other regions.

The CRI involved almost 2,800 IT managers and teams across the USA, Europe and the Asia Pacific region. Responding organizations claimed their top cyber-threat risks globally were:

  • Phishing and social engineering
  • Clickjacking
  • Ransomware
  • Fileless attacks
  • Botnets
  • Man-in-the-middle attacks

 Across the globe, organizations’ key concerns were:

  • The loss of customer data
  • Access to IP and financial information
  • Customer churn
  • Stolen or damaged equipment

The top global security risks within IT infrastructure were highlighted by respondents as:

  • Organizational misalignment and complexity
  • Negligent insiders
  • Cloud computing infrastructure and providers
  • Shortage of qualified personnel
  • Malicious insiders

There were differences between certain countries. For example, in the USA, respondents were unique in listing the cost of outside consultants as a top negative consequence of attack, while in the Asia Pacific region, damage to critical infrastructure concerned organizations more.

Said Jon Clay, Director of Global Threat Communications, Trend Micro: “This year we’ve added data from Europe and APAC to provide truly global insight. It will help organizations across the world find better ways to cut through complexity, mitigate insider threats and skills shortages, and enhance cloud security to minimize cyber risk and drive post-pandemic success.”