IronNet Cybersecurity released a report assessing timely topics such as the estimated cost per enterprise of the SolarWinds cyberattack, executive-level engagement in attack responses, and the effect of information sharing on an organization’s overall security posture.
Sapio surveyed 473 IT security decision makers in the technology, public services, financial, and utilities sectors across the United States, United Kingdom, and Singapore.
Organizations report high level of cybersecurity posture confidence
The report revealed a complex relationship between the reported level of confidence organizations have in their cybersecurity posture and their ongoing attack volume and impact: that is, despite rising confidence, incidents are increasing, too.
While 92 percent of respondents express confidence in their current security technology stack, adversaries are still evading traditional defensive technologies. Nearly half of respondents cited a rise in cyber incidents in the past 12 months, in part due to the increasing sophistication of attacks; and the SolarWinds attack cost, on average, 11 percent of affected respondents’ annual revenue.
What is helping is information sharing
Responses revealed positive effects of cyber-related information sharing on an organization’s overall cybersecurity posture.
- 90 percent of respondents indicated that the security posture of their company has improved over the past two years.
- 72 percent of companies that have increased information sharing with industry peers report that their overall security posture has improved over the past two years.
Despite the reported benefits of information sharing for improving cybersecurity, respondents indicated that there are still obstacles that limit collaboration among industry peers: concerns about data privacy and liability (53 percent), the lack of an automated or standard mechanism to share information with peers (34 percent), and the fact that shared information is not timely or relevant by the time companies receive it (33 percent).
General (Ret.) Keith Alexander, Co-CEO of IronNet, said, “Organizations are clearly struggling to keep up with the volume and impact of cyberattacks coming from well-funded and well-organized nation states. We believe that the main reason for this is that every organization is still trying to battle these attacks individually, when they should be working together to create an exponentially stronger defense.”
Answering calls to action
Calls for faster, more relevant threat information sharing continue to come from industry- and national-level cybersecurity initiatives. Former President Barack Obama set this concept in motion with his 2015 Executive Order on Cybersecurity, which promoted private sector cybersecurity information sharing.
In March 2020, the U.S. Cyberspace Solarium Commission report emphasized this same call to action. So did President Biden’s Executive Order on Improving the Nation’s Cybersecurity in May 2021, which made threat information sharing a primary theme and signaled to the public and private sectors that still more of this type of collaboration is needed in a timely, immediate, and relevant way.
The report’s findings related to the SolarWinds/SUNBURST attack revealed that organizations are urgently turning toward a threat-sharing model. The report provided an inside look into the financial damage stemming from this widespread supply chain attack that struck 18,000 companies and nine U.S. government agencies.
Among the 85 percent of respondents affected by SolarWinds, nearly one third said their organization felt a significant financial impact from the attack. In fact, the attack cost affected companies, on average, 11 percent of their annual revenue.
These findings demonstrate the pressing need for a transformative approach to cybersecurity — an approach that operationalizes timely, relevant, and actionable threat sharing among industry peers and with the government.