NATO Survey Respondents Identify Software Supply Chain and Cybersecurity Skills Shortages as Key Challenges; Cyber Defense Coordination and Threat Data Sharing Identified as Areas of Opportunity for Government Leadership
News Highlights
- New Trellix report finds 87 percent of respondents from Germany, France and United Kingdom believe government-led initiatives can play a critical role in enhancing nations' cyber defenses.
- Eighty-two percent of global respondents believe software supply chain risk management is of either high or crucial importance for national security.
- Only 40 percent of German, 39 percent of British, and 36 percent of French respondents claim to have fully implemented appropriate software supply chain risk management policies and processes.
- The lack of in-house cyber skills and implementation expertise are identified as critical barriers to deployment of advanced cyber defense technologies.
- Ninety-five percent of German and French respondents and 86 percent of British respondents believe there is room for improvement in cybersecurity partnerships with their governments.
- Sixty percent of British respondents call for more cyber-attack campaign data; 58 percent of French surveyed call for more software vulnerability data.
Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today released a global Cyber Readiness Report gauging technology adoption and perceptions of government cybersecurity leadership related to cybersecurity standards and the cooperation between the public and private sectors.
The Trellix report shows 87 percent of respondents from NATO countries of Germany, France and United Kingdom believe formalized, government-led initiatives can play an important role in improving their nations' protection against cyber threats. Respondents from these countries see opportunities for improvement in their partnerships with government in areas such as cyber defense coordination, threat information sharing and software supply chain integrity.
The study, based on research conducted globally by Vanson Bourne, surveyed 900 cybersecurity professionals from organizations with 500 or more employees, including 200 respondents in the three European NATO countries of Germany, the United Kingdom and France.
"Global tensions and cyber-warfare incidents in Ukraine sharpen our focus on the cyber readiness of government and critical infrastructure," said Bryan Palma, CEO of Trellix. "Our report assesses the progress of new technology implementation, like XDR. It also identifies areas of opportunity for stronger public-private partnerships, where increased coordination will keep us ahead of our adversaries."
Cybersecurity technology adoption. Among German respondents, cloud cybersecurity modernization appears to be furthest ahead in implementation. Forty percent claim to have fully implemented the advanced technology in this area, whereas only 27 percent appear to have fully implemented endpoint detection and response and extended detection and response (EDR-XDR) capabilities.
Among British respondents, 37 percent claimed to have fully implemented EDR-XDR and cloud cybersecurity modernization, whereas multifactor authentication (MFA) and zero trust appear to be behind.
Forty-seven percent of French respondents reported having fully deployed MFA, apparently placing the French furthest ahead in this area compared to their British and German peers.
Software Supply Chain Risk. The majority (82 percent) of global respondents believe software supply chain risk management policies and processes are of either high or crucial importance to national security.
Seventy-six percent of U.K. respondents said these policies and processes as extremely or highly difficult to implement, and only 39 percent claim to have fully implemented such practices.
Sixty-three percent of German respondents and 58 percent of French respondents identified these policies and processes as difficult to implement. Only 40 percent of the Germans and 36 percent of the French acknowledge fully implementing such measures.
The European respondents agree software security standards would improve across the entire software industry if their governments demanded higher software security standards within government implementations. But only 56 percent of German, 51 percent of U.K. and 48 percent of French respondents support government mandates demanding cybersecurity standards for the entire software industry.
Cyber Skills Challenges. While survey respondents identified a variety of barriers to implementation of advanced technologies, a cybersecurity talent shortage was revealed across the three countries. Forty-eight percent of Germans, 41 percent of British and 35 percent of French respondents acknowledged a lack of in-house cyber skills as a key challenge to their implementation efforts. Around a third of each group also identified a lack of implementation expertise as key barrier. These findings mirrored cybersecurity skills shortages in the U.S. and Asia Pacific.
Palma continued: "The cyber skills gap is well known; the report highlights the deficit is stifling the deployment of cybersecurity technology. Whatever innovation advantage the U.S. and its allies believe we have is irrelevant if we cannot implement the solutions."
Public-Private Partnerships. Ninety-five percent of German and French respondents and 86 percent of British respondents believe there is room for improvement in the level of cybersecurity partnerships between their national governments and organizations.
Fifty-two percent of British, 46 percent of German and 35 percent of French respondents favored a combination of incident notification and liability protection to facilitate sharing of cyber-attack data between impacted organizations, government partners and industry audiences. Forty-four percent of British and 41 percent of German and French respondents favored tighter cooperation on cyber incident management while cyber-attacks and campaigns are in progress.
In terms of the types of data government should share to help organizations better protect themselves, nearly two thirds (60 percent) of British respondents would like to receive more data on cyber-attack campaigns in progress. Around half of German respondents said they would like to receive more information on different cybercrime and threat actor groups. Fifty-eight percent of French respondents say cybersecurity vulnerability data would be preferred above other data types.
Additional Resources
- Media Kit: Path to Cyber Readiness
- Report: Path to Cyber Readiness Preparation, Perception and Partnership
- Blog: Cyber Readiness in Europe: France, Germany the United Kingdom
About Trellix
Trellix is a global company redefining the future of cybersecurity. The company's open and native extended detection and response (XDR) platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Trellix's security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to empower over 40,000 business and government customers. More at https://trellix.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20220413005343/en/
Contacts:
Christopher Palm
media@trellix.com