A Sapio Research survey of 473 IT security decision-makers, which formed the foundation of the IronNet Cybersecurity 2021 Cybersecurity Impact Report revealed the complex relationship between the level of confidence organizations have in their cybersecurity posture and their ongoing attack volume and impact.
Bad news
- Nearly half of respondents reported a rise in cyber incidents in the past 12 months
- Adversaries are evading traditional defensive technologies
- Affected respondents say on average the attack costs 11% of company’s annual revenue
Good news
- 90% of respondents reported improvements in security posture over the past two years
- 92% of respondents express confidence in their current security technology stack
- 72% of respondents that have increased information sharing also report improvement in cyber posture
Lessons from the SolarWinds/SUNBURST attack
The SolarWinds/SUNBURST attack impacted by 18,000 companies and nine U.S. government agencies.
One-third of the 85% of respondents affected by SolarWinds “felt a significant financial impact from the attack.”
The attack cost affected companies, on average, 11% of their annual revenue.
These findings demonstrate the pressing need for a transformative approach to cybersecurity — an approach that operationalizes timely, relevant, and actionable threat sharing among industry peers and with the government.
Challenges ahead
Information sharing is hampered by concerns about data privacy and liability (53%), the lack of an automated or standard mechanism to share information with peers (34%), and the fact that shared information is not timely or relevant by the time companies receive it (33%).
General (Ret.) Keith Alexander, founder and co-CEO of IronNet, attributes the ongoing struggle against cyberattacks to the preference to go it alone. He believes working together will create an exponentially stronger defence.
“Sharing and operationalizing attack intelligence through a Collective Defence model provides that automated, real-time solution that is missing in the market, and can be done securely, using anonymized data,” he added.
He opined that this is the only way to ultimately shift the balance of power away from the attackers.
Through the Collective Defense model, IronNet is taking information sharing and collaboration to a new level by enabling anonymized, real-time threat sharing to maximize visibility into the attack landscape and minimize impact on an organization’s operations.
