Our third iteration of the France Threat Report finds that attack volumes have reached unprecedented levels: 100% of the cybersecurity professionals we surveyed say they have witnessed an increase in attack volumes and the average percentage increase reported has shot up from 62% last year, to 120%.
Despite the increase in attack volumes, sophistication has dropped, according to our survey respondents. One third said that attacks are more sophisticated, compared with 89% in October 2019. OS vulnerabilities were the prime cause of breaches suffered by organisations, increasing significantly compared with October 2019, when it was the root of 9%, now causing 44% as attackers take advantage of poor patching programmes.
99% of French respondents said they had suffered a data breach as a result of a cyberattack in the past 12 months.
In addition to the general escalation in attack volumes, this report reveals a shift in the causes of successful breaches. Island hopping, despite only featuring in a small percentage of attacks experienced, was the joint second most common cause of breaches, together with third party applications.
Furthermore, 7% of breached businesses had been compromised via their supply chain. Clearly, the extended enterprise ecosystem is generating considerable security concerns.
Security professionals in France are responding to the uptick in cyber threat volume by boosting cyber defence spending. All survey participants anticipated an increase in spend, continuing the upward trajectory from the 95% who planned increases last time. 94% of respondents in also said they had security concerns around the implementation and management of digital transformation and 5G. But, when it comes to the crunch, French cybersecurity professionals are not convinced of the need to devote security budget to supporting 5G rollout.
99% of respondents said their organisation had been breached at least once as the result of a cyberattack in the last 12 months, a leap on the 90% who had suffered breaches in our October 2019 report and the highest percentage we have ever recorded. The average number of breaches per organisation was 3.7, a slight increase from 3.56 last time.
40% reported that their organisation had been breached five or more times.
The media and entertainment sector suffered the highest average number of breaches, at 4, in increase on last time when the sector reported an average of 2.4 breaches.
Larger organisations tended to have higher average breach numbers; those with 5001-10,000 employees had experienced 4.18 breaches.
87% of respondents have between 5 and 10 technologies in place to manage their security programme.
91% of all global respondents stated that they had seen an increase in overall cyberattacks as a result of employees working from home.