The Japanese cyber threat landscape has escalated. In this, our third Japan threat report, we find that attack frequency has reached unprecedented levels; 92% of security professionals said the volume of attacks they faced has increased. Attackers are employing a more diverse range of tactics and techniques than ever before as they bid to extort, disrupt and infiltrate organizations.
The considerable leap in attack frequency and sustained increase in sophistication revealed in this iteration of the report shows that, however fast Japanese businesses may be adapting to the intensifying environment, the cyber threat landscape is evolving faster. 94% of security professionals say attacks have become more sophisticated, 13% of those say they have become significantly more advanced.
94% of security professionals say attacks have become more sophisticated.
In addition to the general escalation in intensity, this report reveals a shift in the most common attack types experienced. Google Drive, custom malware and unsigned certs were the most commonly seen attacks.
OS vulnerabilities were the leading cause of breaches. Island hopping was only cited by 1% of respondents while 19% of respondents stated that it was the prime cause of breaches. This highlights the risks associated with the extended enterprise.
Respondents are already operating an average of more than seven different consoles or agents to manage their security programme. This indicates a security environment that has evolved reactively as security tools have been bolted on to tackle emerging threats, not built-in. This has resulted in siloed, hard-to-manage environments that hand the advantage to attackers from the start. As the cyber threat landscape reaches saturation, it is time for rationalisation, strategic thinking and clarity over security deployment.
Island hopping was only cited by 1% of respondents as the most prolific attack type but 19% noted that it was the prime cause of breaches.
94% of our survey participants anticipated an increase in spend.
38% of respondents say they will need to increase security spending and controls to support 5G rollout.
The sudden global shift to homeworking due to COVID-19 has both increased cyberattack activity and exposed some key areas for security teams to address and learn from going forward. Our COVID-19 research has found that the predominant gaps identified in disaster recovery planning revolve around communication with external parties such as customers, prospects and suppliers, as well as challenges enabling the remote workforce and communicating with employees.
92% of the CISO/CIOs that took part in our research said they had suffered a breach following a cyberattack in the past 12 months. This figure has increased significantly from 53% who said they had been breached in October 2019 and 67% in February 2019.
The average number of breaches suffered by organizations is 2.35, which is a drop from 3.58 in October 2019 and 5.55 in February 2019, showing that Japanese organizations are heading in the right direction. The largest group of respondents (49%) said they had suffered one breach, while 10% said they had suffered two and 17% admitted to suffering three.
Media and entertainment companies reported the highest average number of breaches at 2.77. 47% of government and local authority organizations had suffered three or more breaches.
Nearly half of those surveyed reported very significant gaps in terms of the effectiveness of their disaster recovery planning around communication with their external parties.
91% of all global respondents stated that they had seen an increase in overall cyberattacks as a result of employees working from home.