Seven in 10 chief information security officers (CISOs (71%) believe cyberwarfare is a threat to their organization, and yet just over a fifth (22%) admit to not having a strategy in place to mitigate this risk, a new survey from cybersecurity vendor Bitdefender reveals.

The findings, the company says, are “especially alarming during a period of unprecedented global disruption, as half of infosec professionals (50%) agree that the increase of cyber warfare will be detrimental to the economy in the next 12 months.

“CISOs and Infosec professionals however are shoring up their defenses with 51% and 48% respectively stating that they believe they will need a strategy against cyberwarfare in the next 12-18 months.”

These findings and others are contained in the recently released global 10 in 10 Study, which Bitdefender says highlights how, in the next 10 years, cybersecurity success lies in the adaptability of security decision makers, while simultaneously looking back into the last decade to see if valuable lessons have already been learnt about the need to make tangible changes in areas such as diversity.

“It explores, in detail, the gap between how security decision makers and infosec professionals view the current security landscape and reveals the changes they know they will need to make in the upcoming months and years of the 2020s.” a company release states.

“The study takes into account the views and opinions of more than 6,724 infosec professionals representing a broad cross-section of organizations from small 101+ employee businesses to publicly listed 10,000+ person enterprises in a wide variety of industries, including technology, finance, healthcare and government.”

“Outside of the rise of cyberwarfare threats, an old threat is rearing its head ransomware.”

The report notes that during the disruption of 2020, ransomware has surged with as much as 43% of infosec professionals reporting that they are seeing a rise in attacks: “What's more concerning is that 70% of CISOs/CIOs and 63% of infosec professionals expect to see an increase in ransomware attacks in the next 12-18 months.

“This is of particular interest as almost half of CISOs/CIOs (49%) and just over two fifths of infosec professionals (42%) are worried that a ransomware attack could wipe out the business in the next 12-18 months if they don't increase investment in security.”

Two-fifths of infosec professionals (41%) believe that in the future more communication with the wider public and customers is needed so everyone, both in and organization and outside, better understands the risks.

“The reason that 63% of Infosec professionals believe that cyberwarfare is a threat to their organization is easy,” said professor Neeraj Suri, the chair in cybersecurity at Lancaster University in the U.K. “Dependency on technology is at an all-time high and if someone was to take out the Wi-Fi in a home or office, no one would be able to do anything. This dependency wasn't there a few years back, it wasn't even as high a few months back.

“This high-dependency on technology, doesn't just open the door for ransomware or IoT threats on an individual level, but also to cyberwarfare which can be so catastrophic it can ruin economies.”

The study notes that outside of the drastic changes that are needed in the way cybersecurity professionals communicate, there is also a need to make a change within the very makeup of the workforce.

"The infosec industry has long suffered from a skills shortage, and this looks to remain an ongoing and increasingly obvious issue. 15% of infosec professionals believe that the biggest development in cybersecurity over the next 12-18 months will be the skills gap increasing.

"If the skills deficit continues for another five years, 28% of CISOs and CIOs say they believe that it will destroy businesses. And another half (50%) of infosec professionals believe that the skills gap will be seriously disruptive if it continues for the next 5 years."

"2020 has been a year of change not only for the world at large, but for the security industry,” says Liviu Arsene, Global Cybersecurity Researcher at Bitdefender . “The security landscape is rapidly evolving as it tries to adapt to the new normal, from distributed workforces to new threats. Amongst the new threats is cyberwarfare.

“It's of great concern to businesses and the economy and yet not everyone is prepared for it. To succeed in the new security landscape the way we as an industry talk about security has to become more accessible to a wider audience to gain support and investment from within the business.

"In addition, we have to start thinking about plugging the skills gap in a different way – we have to focus on diversity, and specifically neurodiversity, if we are to stand our ground and ultimately defeat bad actors."

The Bitdefender 10 in 10 study was conducted among 6,724 IT workers in May across the U.K., U.S., Australia, New Zealand, Germany, France, Italy, Spain, Denmark, and Sweden.

Paul Barker