The report, entitled Enterprise Network Security 2021: A Post-Pandemic Threat Landscape Report conducted a survey in the US, the UK, Germany and France into the current corporate security concerns at the top of business.
Geographically the report showed that 55% of US and 49% of UK respondents have experienced the biggest impact to their network security due to these security attacks, which suggests that their businesses are more of a target than those in continental Europe. This in turn, has resulted in 60% respondents increasing their investment in this area.
Overall, 68% of leaders said their company has experienced a DDoS attack in the last 12 months with the UK with 76% and the US with 73% experiencing a significantly higher proportion compared to 59% of their German and 56% French counterparts.
Additionally, over half of the leaders who participated in the survey confirmed that they specifically experienced a DDoS ransom or extortion attack in that time, with 65% targeted at UK companies, compared to 38% in France.
“Due to the sensitive nature of these incidents, the survey didn’t ascertain the extent to which cybercriminals were successful in extorting money from enterprises, but the results do highlight the seriousness of the problem and that there is a financial motive behind many DDoS attacks,” said Mattias Fridström, chief evangelist at Telia Carrier.
“The findings also clearly suggest that UK businesses are being specifically targeted and that the heightened fears of US and UK businesses are justified.”
The impact of the aforementioned DDoS attacks has been so severe for some that 11% of respondents said that such an attack could have undermined business continuity.
A further 40% said that such an attack resulted in significant disruption and loss of business revenues. Once again, the countries most severely impacted were the UK at 43%, followed by the US at 39%, with organisations within the financial service and IT service sectors the most affected.
A staggering 78% of surveyed leaders confirmed that they responded to up to 100 network security incidents in the last 12 months - the highest once again, in the UK and US.
As for the type of attacks these were, phishing was regarded by 56% of leaders as the main cyber threat to their business, with almost as many (49%) viewing DDoS attacks at the same level.
“A comprehensive security solution for enterprises consists of several components, where network security is only one part. However, the network is probably the most vulnerable part of the security stack because of its inherent exposure to the outside world – often across long distances,” added Fridström.
“When it fails, so do all the systems and workflows that depend upon it. It comes as no surprise, when you look at these findings, to know that network security is also by far the biggest security cost for business with 42% of leaders citing it as their greatest security outlay.”
In response to these network security threats, 45% of surveyed leaders use ISP/network provider DDoS protection, with 34% using their own in-house mitigation/scrubbing capabilities and less than a fifth using cloud-based solutions and three in 100 businesses not mitigating these risks at all.
“Enterprises need to evaluate potential security threats throughout their entire ICT ecosystem if they are to successfully face down the ever-increasing severity and unpredictability of evolving threats in an increasingly digitalised and distributed business environment,” said Fridström.
“They will need to act on the lessons learned from the Covid-19 pandemic and scale their security programs with suffice ent headroom to protect their business from future, and as yet unforeseen, threats.”