Clear Majority of Cybersecurity Professionals Believe They are in a Perpetual State of Cyberwar: Venafi Survey

Current geo-political conflict has profound change on perception of cyberwar

The Ukraine-Russia war has caused a pronounced shift in the way Cybersecurity professionals view the cyberwar.

Before the conflict, only 26 percent believed we were in a state of perpetual cyberwar but this jumped to 64% after the breakout of the conflict. And 57% of the respondents believe that their organization is a target of nation-state cyberattack and 43% did not.

With this heightened state of awareness, 55% of the respondents said that their organization has changed their cybersecurity strategies as a result of the conflict. A smaller yet still sizable 46% said they have not changed their cybersecurity strategies.

• 56% believed their organization is a target for nation-state cyberattacks
• 54% indicated that their organization has changed its cyber security strategies as a result of the conflict between Russia and Ukraine

Patriotic Duty

A whopping 85% of respondents believe that better cybersecurity is their patriotic duty versus 15% who do not believe so.

Sponsorships Available

Sponsorships Available

Sponsorships Available

And in response to the question, “If your executive team and your board were required to sign off on cyber security compliance would your company’s cyber security posture improve?” a large majority (77%) said “yes” while less than a quarter (23%) of respondents said “no.”

Biggest organizational challenges

In response to a question about the biggest organizational cybersecurity challenges their organization faces, 63% of respondents said “not enough skilled people” and 42% said “not enough budget,” while 25% said “leadership treats cybersecurity like IT.”

Finally, regarding the biggest cybersecurity threats that their organizations face, 50% said ransomware, while 40 percent said cloud security and 35% said remote work.

“The sophisticated cyberattacks that are the hallmark of nation state attacks often target digital keys and certificates that serve as machine identities,” says Kevin Bocek, VP Ecosystem & Threat Intelligence at Venafi.

“These critical security assets are often poorly managed and provide attackers with the ability to hide in encrypted traffic, pivot across networks and eavesdrop on sensitive data,” warns Bocek. “Any organization that isn’t managing machine identities at least as well as they protect usernames and password is at greater risk of becoming a victim of a cyberattack. And, unfortunately, these risks are unlikely to change in the near term because most organizations are just beginning to understand these risks,” Bocek adds.

Related Posts

• SUNBURST—Code Signing Was a Problem; It Should Have Been the Solution
• Linux Foundation Launches sigstore to Combat Open-Source Supply Chain Attacks
• SolarWinds: Should Security Live in InfoSec or DevOps? [Ask the Experts]

Nation-state attacks, such as Russia-origin supply chain attacks highlighted by the now-infamous SolarWinds debacle as well as numerous other incidents have put cybersecurity professionals on edge.  

A sizable 64% of cybersecurity professionals believe they are locked in a perpetual state of cyberwar, while 57% believe their organization has been a target of nation state cyberattacks, according to a Venafi survey of security professionals at the RSA 2022 conference.