According to a new survey from cybersecurity firm CrowdStrike, nation state attacks and ransomware remain top priorities of security professionals as the global pandemic and remote work continue to shape our professional lives.
The company’s third annual Global Security Attitude Survey, produced by an independent research firm, includes the results of a survey of 2,200 senior IT decision makers and security professionals in from August and September across 12 countries representing both private and public sector organizations.
Among the key findings, according to a CrowdStrike blog, is that 71% of security professionals have a growing fear of state-backed attacks and ransomware in the wake of COVID-19.
Further, a majority (56%) reported a ransomware attack within the last 12 months.
Nation-state attacks are much more common than people think, the survey found, as 87% of respondents said they felt that way. And, a shocking 73% said those kind of attacks are the single biggest threat to their organization.
Cloud computing has become a requirement in the age of remote work, but that could be exacerbating the issue of increasing attacks, the survey found, as 84% of respondents said they’ve accelerated their digital transformation as a result of the pandemic, with 45% saying they have increased cloud rollouts to remote employees.
Despite the possibility of sanctions from the U.S. Department of the Treasury for paying ransoms to state-backed attackers, 27% of respondents said they’ve paid the ransom, which averages $1.1 million globally.
In the U.S., the average ransom paid is just under $1 million.
According to the survey, organizations are addressing these threats via investment in cybersecurity, digital transformation, and training.
Of organizations that reported a ransomware attack, 76% upgraded their security tools to reduce the risk of a future attack, and 65% upgraded their security staff.
Respondents also indicated that a security investment of at least $100,000 was necessary to securely deploy a remote workforce. And, 61% of respondents said they’ve spent $1 million on digital transformation over the last three years.
CrowdStrike recommends continuing to invest in digital transformation, protecting workloads where they are rather than maintaining security models built around network perimeters, integrating identity protection and quickly identifying, investigating and eliminating threats.