The message is clear in a fresh survey of 2,741 security, IT, and business professionals around the world: The damage from attacks is widespread and organizations are increasing security budgets to fend off further impact. Credit: Rick Jo / Getty Images Any lingering indifference to cybersecurity risk has evaporated in the face of spiking ransomware attacks, software supply chain threats, and the challenges of securing remote workers. That’s the clear message of CSO’s Global Intelligence Report: The State of Cybersecurity in 2021, fielded via online survey in May and June of this year.Unsurprisingly, half of those surveyed said they had seen an increase in security incidents at their organizations over the past year. What stands out is the extent of the harm: Nearly half of those attacked reported seeing economic damage, a loss of productivity, and theft of PII (personally identifiable information). No less than 28% said intellectual property had been stolen. download CSO Global Intelligence Report: The State of Cybersecurity in 2021Download this survey of 2,741 security, IT, and business professionals around the world for a clear picture of global threats and security spending priorities. Most shocking of all: 15% of respondents who had been attacked experienced a full shutdown of their business and 12% admitted to suffering “massive” economic impact. The survey also found that 60% of organizations in the utilities sector endured economic damage from a cyberattack, the highest of any industry segment. Utilities and energy companies were also most likely to report intellectual property theft, at 43%. Wholesale and retail companies were most likely to report loss of PII, at 58%. The global nature of the survey offered additional insight. Organizations based in the U.S. and Canada were the most likely to report an increase in incidents (53%), followed by the Asia-Pacific region (50%), Europe and Middle East (48%), Latin America, and Africa (each at 42%). No matter where they reside, though, the survey’s respondents believed there’s no letup in sight. For example, a full 62% of respondents anticipated that a financially driven attack on their organization, such as ransomware, will occur over the next 12 months.So how do organizations plan to respond? To begin with, by spending more: 71% of organizations expect to increase their security budget this year. The top spending priority was, naturally, “attack prevention,” at 43%. Cloud security came in second at 36%, with data privacy and network security tied for third at 35%. Companies in financial services, transportation, and technology were most likely to report an increase of more than 10% in their IT security budget in 2021. The most disappointing part of the survey involved security awareness. Only half of respondents said that mandatory IT security training or awareness programs had been in place for all users “for some time now,” with an additional 20% saying that initiative had just been introduced. Despite variations in the efficacy of such programs, they’re an absolutely essential part of modern cybersecurity defenses.Nonetheless, as The State of Cybersecurity in 2021 reveals, for the most part organizations appear to be doubling down on their defenses. They have no choice given the damage that has already been wrought. Cybersecurity is not a battle that can be won, just fought continually, and around the globe there’s an acute understanding of the monumental risk should organizations fail to commit the necessary resources to the fight. Related content news Singing River ransomware attack now thought to have affected over 895,000 The health care provider has dramatically increased its estimate of the number of patients affected by the August 2023 attack. By Shweta Sharma May 15, 2024 4 mins Data Breach Ransomware brandpost Sponsored by Sans Institute Clock is ticking for companies to prepare for EU NIS2 Directive Many companies are still not ready for the impact of NIS2, but SANS can help them prepare. By Laura McEwan May 15, 2024 3 mins Security feature Backlogs at National Vulnerability Database prompt action from NIST and CISA A crisis at the key US service for ranking vulnerabilities has been fueled by short resources and an explosion of security flaws as the volume of software production increases. By John Mello Jr. May 15, 2024 10 mins Threat and Vulnerability Management Security Practices Vulnerabilities news FBI warns Black Basta ransomware impacted over 500 organizations worldwide CISA advisory includes indicators of compromise and TTPs that can be used for threat hunting. By Lucian Constantin May 14, 2024 6 mins Ransomware Phishing Healthcare Industry PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe