Black Hat's latest research report, entitled ‘The Cyber Threat In Europe’, publishes the findings from a September 2017 survey of nearly 130 IT and security professionals from more than 15 European countries. The report details major concerns among the Infosec community including critical infrastructure security, nation state attacks, enterprise security risks, and the implications of the NIS Directive and GDPR requirements.

Almost half of the respondents cite a foreign power (terrorist organization, rogue nation or large nation-state) as the primary threat to Europe's critical infrastructure. 42 percent also attribute the biggest threat to cyber espionage by major nation states. Most respondents are primarily worried about a multi-country breach rather than a critical infrastructure breach limited to their own country. These fears are heightened as a result of previous events, including the 2015 and 2016 Ukraine power grid attacks.

What role are the NIS Directive and GDPR requirements playing?

Only 11 percent believe that implementing the NIS Directive – the first Europe-wide legislation on cybersecurity – will make Europe's critical infrastructure more secure. Meanwhile, nearly 40 percent believe that a lack of required skills is the primary reason why security strategies fail, and the shortage is only being exacerbated by GDPR requirements at many organizations. Another 34 percent believe that implementing GDPR will add to the IT workload and budget, but won't have a major impact otherwise.

Why are organizations at risk?

65 percent of the respondents believe that they will have to respond to a major security incident within their organization in the next 12 months. Driving this thought is a lack of budget and staffing. Nearly 60 percent of the respondents say they do not have enough of a security budget to mount an adequate defence, while 62 percent say they do not have enough security staff to defend against modern cyber threats. Additionally, 62 percent fear that enterprise data in Europe has become less secure because of recent activities in Russia and China. 42 percent believe that European law should be changed so enterprises can take offensive action against attackers, suggesting that professionals are frustrated over the ability of attackers to go unscathed while governments grapple over questions of attribution and proportional response.

Download a copy of the report (PDF).

