Nation-State Threat Actors & Consumer Protection
By Trellix · March 28, 2022
Today, Trellix released a new report: In the Crosshairs: Organizations and Nation-State Cyber Threats. This report takes a deep look into how organizations across sectors prepare for and respond to cybersecurity activity from cybercriminals and attacks sponsored by governments from all over the world.
To produce this report, Trellix worked with two great teams. Vanson Bourne conducted a detailed survey of 800 IT decisions makers in Australia, France, Germany, India, Japan, the United Kingdom and the United States, from a variety of industries. The Center for Strategic and International Studies (CSIS) then partnered with Trellix to distill the data collected from Vanson Bourne into this rich report which spans from organization and government needs to concrete cyber recommendations, and everything in between..
Nation-State Actors and Proxies
Trellix Threat Labs includes elite researchers who have been studying cybercriminal groups and nation-backed cyber activity for years, independently and in collaboration with global government agencies. When our Threat Labs leaders consider nation-state actors, they’re defined as:
Traditionally when we talk about threat actors, we first need to make the split between cybercrime and nation-state sponsored operations. Where cybercrime is mostly focused on financial gain, nation-state operations are often conducting strategic attacks to disrupt an adversary or in it for the long run, conducting intelligence operations to gain intellectual property to serve an economic or military goal.
As organizations prepare their cybersecurity strategies, risks to reputation and trust are at stake and consumer privacy should not be ignored. That said, this report found that only a third or organizations communicate with their customers about cyber incidents and that while 92 percent of respondents were willing to share information about an attack, they’re not always open to communications the full details, leaving potential gaps for consumer awareness and privacy issues.
Consumer Impact of Nation-State Cyber Actors
While Trellix sought to understand how organizations prepare to defend against nation-state backed cyberthreats and what improvements were needed, it also found that there is tangible impact to consumers – the everyday people using services and sharing their personally identifiable information (PII) online.
The report found that:
- Access to consumer data was the motive for state-backed cyber incidents for 48 percent of respondents who believe they have been the victims of a state-backed incident
- Only 33 percent of organizations reported reaching out to their customers to disclose a cybersecurity incident
- Forty-six percent of respondents believe the personally identifiable information (PII) they hold from their customers is one of the main factors for which they would be targeted in a future cyber attack
- Forty-one percent of respondents believe the PII they hold from their employees is one of the main factors for which they would be targeted in a future cyber attack
Organizations need to prepare to defend against nation-state backed cyberthreats, and improvement is needed in terms of how most organizations – regardless of sector – do this and ultimately ensure the safekeeping of consumer data.
While consumers on their own have limited ways to defend from nation-state and advanced cyber actors, using two-factor authentication and completing software updates on devices as soon as possible are important measures to take. Every connected device introduced into our homes increases the attack surface of our towns, cities and countries.
Aug 22, 2023
Trellix CEO Bryan Palma Wins the 2023 SC Award for Security Executive of the Year
Aug 17, 2023
Trellix Endpoint Security Earns SE Labs’ Highest AAA Rating for Enterprise & Small Business Customers
Aug 7, 2023
Trellix to Host Ransomware Detection and Response Virtual Summit
Jul 28, 2023
NICE Community Coordinating Council Names Trellix’s Michael Alicea as Industry Co-Chair
Jul 12, 2023
Trellix Launches CISO Council with Top Cybersecurity Experts
The latest from our newsroom
By Grant McDonald · September 18, 2023
Read Trellix’s take on the 2023 Gartner® Market Guide for Extended Detection and Response, including 5 key focus areas and the benefits Trellix XDR delivers.
By Martha Vasquez · September 12, 2023
Explore how Trellix vIPS + GWLB enhance infrastructure, ensuring high availability & traffic handling.
Get the latest
We’re no strangers to cybersecurity. But we are a new company.
Stay up to date as we evolve.
Zero spam. Unsubscribe at any time.