Our society runs on technology. Digital processes are the lynchpin of organisations. Without them, we can no longer function. However, these processes are threatened by an increasing number of cyber attacks. What are organisations doing in terms of cybersecurity right now? And is this enough to cope with future attacks? Because one thing is certain: cyber attacks are here to stay.
To get answers to these questions, Conscia has launched a cybersecurity benchmark survey in collaboration with commercial market research firm The Blue Hour. Remarkable conclusions can already be drawn from the initial results and from conversations with homogeneous respondents.
Organisations seem to be well aware of the danger of cyber attacks. For instance, 94% say it is not a question of whether they will be hacked, but when it will happen. Over half also say that cybersecurity is a top priority within the organisation. However, when looking at the IT budget spent on cybersecurity, over a third of respondents state that it is too little. When asked what grade organisations give themselves for cybersecurity, the average came to 6.1.
Interviews with respondents confirm these figures and also show a trend. The cybersecurity experts within organisations know all too well what needs to be done. However, it is sometimes difficult for them to get it on the agenda. at Conscia, often sees the same scenarios unfold. "When cybersecurity is in the news, the topic gets attention and money is released to take up issues." According to Maarten Werff, Solution Consultant Cybersecurity at Conscia, there is no uniform blueprint for cybersecurity, as the issues of the day keep changing. "Therefore, look at the risks specific to your own organisation."
The issues of the day mean that the threat landscape keeps shifting. Whereas two years ago a DDoS attack was still seen as the biggest threat, now respondents say they fear ransomware, phishing and supply-chain attacks in particular. Attention can also shift due to large-scale crises, such as the current one in Ukraine. This development has directly led many organisations to change their cybersecurity strategy.
"To effectively combat cyber-attacks, it is prudent to look at what dangers threaten the organisation, what risks are 'acceptable' and adjust policy accordingly," Maarten Werff said. "It is good if organisations realise that they themselves can play a role in reducing or eliminating risks, but to do so, they must first be identified."
Even after taking stock of the risks, it is good to keep an eye on changes in the world. The widespread working from home that the corona pandemic (permanently) brought about is a good example of this. This also changes the risk profile. Possibly, such a change as working from home also requires more alertness from employees. If so, it is good to see that 89% of respondents indicated that cybersecurity awareness is created at all levels of the organisation.
This seems to be pretty good on the prevention side. This is also where by far the most time and energy of organisations is currently spent (43%). The next step, detection, still seems to receive little attention, at 15%. When asked whether their own SOC or security team is capable of responding adequately to a cyber incident to minimise damage, 39% of respondents answered in the affirmative.
An interesting fact is that 80% indicate that 'Detection and Response' is becoming the most important development within IT security and that this will be the focus for organisations in the coming years. It displaces legislative and regulatory changes from first place, while for 59% of organisations that is currently still the main reason for investing in cybersecurity.
Maarten Werff advocates a balanced distribution of measures in the areas of identification, prevention, detection, response and recovery. He advises making sure the basics are in order. "Know what is present in your network, what software is deployed and make sure known vulnerabilities are eliminated in time."
In the field of detection and response, many things are changing due to organisational and technological developments. Den Oudsten continues: "The deployment of an external 24/7 Security Operations Centre (SOC) is coming within reach for many organisations. A shift from the detection strategy to what we want to protect - the user, the endpoint and the 'crown jewels' - offers the opportunity to intervene quickly." Maarten Werff therefore believes that Managed Detection & Response (MDR) services provide a better answer to the challenges of our time than a conventional SOC/SIEM. "Not only because of the higher visibility and the ability to intervene quickly, but mainly because it is a cost-effective solution that can be operational within a few weeks."
This article was written based on the survey 'What decisions do organisations make on digitisation?', conducted by The Blue Hour. This research was conducted between April 2022 and January 2024 among business service providers, municipalities, and healthcare institutions. Over 200 decision-makers have now participated in the survey. Over 800 decision-makers have been added to Conscia's network and provided with regular survey updates. All benchmark reports were followed up by appointment by Conscia specialists.
Conscia Netherlands was founded in 1976 under the name 'Vosko'. In 2017, the company was acquired and became part of the Conscia Group, which operates in seven countries in Europe and is headquartered in Denmark. The Conscia Group forms a 'Network of Knowledge' with over 1,000 experts. Conscia Netherlands' team consists of over 230 employees.