2021 Cybersecurity Impact Report

Amid escalating attacks, organizations explore new strategies
As global headlines indicate, cyber attacks are fast becoming the pandemic of 2021. The good news is that most of our global survey respondents (90%) indicated that the security posture of their company has improved in the past two years. Nevertheless, 86% have had a cybersecurity incident so severe in the past year that it required a C-level or Board meeting.  What is the disconnect between a reportedly high level of confidence in existing controls and the fact that attacks are on the rise? Responses suggest the answer could lie in one key strategy.   
IronNet-Cybersecurity-Impact-Report-Cover Image

Key Findings

IronNet-Cybersecurity Impact-Security improves

A false sense of security?

Most of the respondents indicated that the security posture of their company has improved in the past two years, but has it? Although organizations cite “the increasing sophistication of attacks” as a main cause for their ongoing issues with current cybersecurity defenses, even unsophisticated attacks such as business email compromise and credential phishing continue to happen across industries and can cause as much damage as nation-state attacks.

IronNet-Cybersecurity Impact-Caught by the storm

Caught by the storm

Most felt the impact of SolarWinds; very few have felt no impact at all when the SolarWinds attack hit. On average, the incident cost companies surveyed 11% of their annual revenue and has forced them to re-think their supply chain security and to reconsider sharing threat information to combat future attacks.
IronNet-Cybersecurity Impact-The value of threat sharing

The value of threat sharing

Two thirds of the companies interviewed say they are more likely to share cybersecurity information with their industry peers, as a result of SolarWinds. Those respondents who reported increased information sharing have seen an increase in their security posture over the past two years. Both sharing among industry peers (72%) and sharing threat information with the government (53%) have a positive impact on improving security posture (even though others are still reluctant to share threat information with the government).
IronNet-Cybersecurity Impact-More cloud

More cloud = more risk

At the moment, companies have on average 40% of their operations in the cloud. This proportion is expected to increase in the future, even if the majority of respondents recognized that the adoption of cloud comes with additional cybersecurity risks.
IronNet-CyberSecurity-Impact-Report-Cover Image-Hexagon