November 28, 2021
Alerts & Bugs

96% of organisations are concerned about the threat of ransomware attacks – ET CISO


Ransomware attacks have increased nearly 1100% over the last year, impacting organizations of all sizes and across all market sectors, according to a survey.

Over two-thirds of companies have been the target of a ransomware attack, with one in six claiming to have been attacked three or more times, according to a survey by Fortinet.

And according to Fortinet’s State of Ransomware survey, 96% of organisations indicate that they are concerned about the threat of a ransomware attack, with 85% reporting that they are more worried about a ransomware attack than any other cyber threat. As a result, preparing for a ransomware attack has become a boardroom issue and a top priority for CISOs worldwide.

Ninety-six per cent of respondents said they are at least moderately prepared with top preparedness measures include employee cyber training, ongoing risk assessment, offline data backups, and cybersecurity/ransomware insurance. But less than half includes such things as network segmentation, business continuity measures, a remediation plan, the testing of ransomware recovery methods, or red team/blue team exercises designed to identify weaknesses in security systems—all things most security experts see as crucial elements of any successful ransomware mitigation strategy.

Remoter workers devices a concern

Based on the technologies viewed as essential, organizations were most concerned about remote workers and devices, with Secure Web Gateway, VPN and Network Access Control among the top choices. While ZTNA is an emerging technology, it should be considered a replacement for traditional VPN technology. However, most concerning was the low importance of segmentation (31%), a critical technology solution that prevents intruders from moving laterally across the network to access critical data and IP. Likewise, UEBA and sandboxing play a critical role in identifying intrusions and new malware strains, yet both were lower on the list. Another surprise was secure email gateway at 33%, given phishing was reported as a common entry method of attackers.

Organisations worried about losing data

The top concern of organisations regarding a ransomware attack was the risk of losing data, with the loss of productivity and the interruption of operations following closely behind.

In addition, 84% of organizations reported having an incident response plan, and cybersecurity insurance was a part of 57% of those plans. In regards to paying the ransom if attacked, the procedure for 49% was to pay the ransom outright, and for another 25%, it depends on how expensive the ransom is. Of the one-quarter who paid ransom, most, but not all, got their data back.~

The need for integration and intelligence

Almost all respondents view actionable threat intelligence with integrated security solutions or a platform as critical to preventing ransomware attacks and see value in artificial intelligence (AI)-driven behavioural detection capabilities.



Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *