- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Domain of Application >
- Trend snippet: Current state of cyber security landscape
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
Current state of cyber security landscape
Cyber attacks are up
Even a global pandemic can’t stop cyber criminals—if anything, the vulnerability and uncertainty was a breeding ground for new attacks. There were on average 270 attacks (unauthorized access of data, applications, services, networks or devices) per company over the year, an increase of 31% compared with 2020 .
Third-party risk continues to dominate.Indirect attacks—by which we mean successful breaches to the organization through the supply chain—have increased from 44% to 61%.
And the impact of cybersecurity has hit hard in the boardroom; in an analysis of more than 500 companies’ 2020 earnings reports, there’s an increase in legal (23%), economic (16%) and internal (10%) discussions around cybersecurity consequences compared with 2019, suggesting an elevation in prioritizing the subject.
Security investment continues to rise
IT security budgets are increasing, with more than 82% of our survey respondents saying their budgets
have increased in the last year. IT security budgets are now up to 15% of total IT spend, 5 percentage points higher than the spend reported in 2020.
This may be the COVID-19 change event—the massive and rapid shift in how they ran
their businesses and increased security demands; we won’t know until next year if this kind of investment will continue but we doknow that budgets are always under scrutiny. Rapid cloud adoption may also contribute to this investment increase since many security tools have to be updated to accommodate cloud or more robust security is needed in a digital world. Perhaps this increased spend has encouraged optimism. On average, 70% believe their organization is actively protected by their cybersecurity program, compared with 60% in 2020. While they are also more confident about the wider picture—67% believe their ecosystems to be secure, compared with 60% in 2020.
Cloud still has a complex relationship with security
Over the next three to five years, more than two-thirds of workloads will shift to the cloud, with about one-third of organizations moving more than 75% into the cloud across most regions of the world.
This is echoed in our recent technology innovation strategies research which found that the top 10% of respondents doubled down on technology investment during the pandemic —72% accelerated investment in security.
Our cyber resilience survey respondents have moved their operations to the cloud because they recognize the benefits such as lower costs, more resilient operations and access to more advanced technology.
Yet, despite most of our survey respondents believing that cloud applications and operations are more secure than those hosted on-premise, nearly one-third (32%) say security is not part of the cloud discussion from the outset and their organization is trying to catch up.
And reasons preventing the take up of the cloud revolve around security issues: about one-third of all respondents say poor governance and compliance practices around cloud security are a problem, that cloud security is too complex and that they do not have the skills internally to structure a proper cloud security framework.