Digitisation, new technologies and increased interconnectivity have increased the level of cyber threats, causing an unprecedented demand for cybersecurity capabilities and increased leadership attention.
In our survey we asked how Danish organisations have perceived the change in cyber threat levels in the past years. As anticipated, most Danish organisations have responded that it has gone up.
What does the survey show?
According to our survey, an average of 77% of the Danish organisations believe the cyber threat level has increased or increased significantly in recent years¹. 22% of the organisations believe that the cyber threat level has remained unchanged during the same time period, while only 1% considers the threat level to have been reduced.
Sector deep dive
In our sector deep dive, we observed that all four sectors perceive the cyber threat level to have increased in the last two to five years. During this period, more than a quarter of the businesses in the PS, ERS, and CGS state that they perceive the threat level to have increased significantly². Meanwhile, more than a quarter of the organisations in the FS indicate that the threat level remains unchanged. The CGS is the only sector in which organisations have indicated a decrease in the overall threat level.
1. We asked businesses in the Public sector about their perception of the cyber threat development during the past five years, and asked businesses in the remaining three sectors about their perception of the same development during the past two years.
2. Respondents were given the following answer options for the development in the threat level: 1) increased significantly, 2) increased, 3) unchanged, 4) decreased and 5) decreased significantly. None of the respondents indicated a significant decrease.
Building a resilient cybersecurity defence begins with a detailed threat assessment; weighing the likelihood and business impact of cyber threats and implementing prioritised cybersecurity measures accordingly. This approach should form the basis of a cybersecurity strategy and related investment decisions that underpin capability improvements.
Our survey shows that most Danish organisations are aware of the increase in cyber threats. This finding is positive, and the results align with the prioritisation of cybersecurity on the leadership agenda. In fact, a whopping 77% of organisations indicate a perceived increase or significant increase in the general cyber threat levels. This is a clear testimony to the severity of the cybersecurity issue faced by today’s organisations.
For organisations in the PS, CGS and ERS, the increase in the cyber threat level has been substantial. In fact, one out of four organisations in these sectors has experienced a significant increase in the cyber threat level during the last two to five years.
This could indicate a net increase in cyber threat activity; it could also indicate increasing visibility and a broader understanding of the cyber threat landscape. This is also likely to be influenced by the high-profile cybersecurity incidents that Danish and international organisations have experienced in the same period.
Our survey also reveals that the FS has the highest percentage of respondents indicating that the threat level has remained unchanged during the last couple of years. A possible reason for this is the generally high cybersecurity maturity of the FS, largely driven by strict regulations, as well as a deeper understanding of the cyber threat landscape.
In fact, being at the forefront of cybersecurity might have resulted in the FS not seeing the developments in the cyber threat level but assessing it to be at a constant high. The quote from the organisation in the financial sector supports this argument.
In our experience, having visibility into one’s own organisation, having the needed resources available and having access to sufficient threat data is crucial to having a realistic understanding of the cyber threat landscape. A lack of such understanding makes it difficult to mitigate relevant threats and prioritise cybersecurity investments. A mismatch between cyber threats and cyber defence efforts poses a potent security risk.
The bigger picture
Understanding the cyber threat landscape
An organisation should not only be aware of the general cyber threat landscape and threat level, but also have deeper insights into the specific threats that the organisation is facing. This involves assessing which assets need to be further protected and knowing about the potential attackers’ modus operandi. Every organisation should map its most valuable assets, i.e. its “crown jewels”, define its most crucial business priorities and investigate what vulnerabilities and threats are associated with the existing systems and technologies.
“Sensing” a cyberattack
Companies have historically invested in detecting cyberattacks. Such detection is based on a combination of technology, processes and people. Recent cyberattacks have shown that this does not suffice. For example, the NotPetya attack in 2017 was able to wipe out half of the affected companies’ critical assets in less than two hours. Today it is also important to sense what attack vectors are more important for your organisation, e.g. through threat intelligence, threat assessments and crown jewel identification, and by regularly ensuring that you are cyber resilient and protecting your crown jewels.
Proactive threat intelligence
Businesses with a highly developed threat intelligence programme are able to anticipate approaching cyber threats to their organisation and – in most mature organisations – take proactive countermeasures before the threats become actual attacks (e.g. emergency patching a vulnerability outside maintenance windows before an imminent attack).