The State of Ransomware Readiness 2022 – The Findings
Ransomware is one of the primary threats to today’s modern businesses; it’s so widespread and costly that some insurance companies are reconsidering renumeration and excluding some forms of ransomware attacks from their coverage and policies. With this in mind, it has become even more critical than ever to prevent and mitigate the impact of attacks.
Mimecast’s “The State of Ransomware Readiness” is a global survey that aims to dig deeper into the ransomware threat and its impact on cybersecurity teams and businesses. To compile the 2022 report, Mimecast consulted 1,1000 cybersecurity decision-makers across Australia and worldwide to uncover the implications of ransomware and how organisations are defending against attacks today. In this blog, we’ll be summarising the key points raised and recommendations to better prepare your business in the event of an attack.
The Mounting Pressure of Ransomware Attacks
It’s no surprise that security professionals are facing mounting pressure from ransomware attacks, which have been compounded further by the COVID-19 pandemic. Over three-quarters of cybersecurity, leaders reported an increase in cyberattacks during the last year, with over two-thirds of businesses experiencing at least one ransomware attack.
Ransomware attacks created considerable business disruption over the past year resulting in significant downtime for 40 per cent of the organisations surveyed. However, as well as the operational impacts, there are long-term reputational and legal repercussions to consider. One-fifth of organisations consulted were subject to legal action following a ransomware attack.
Not only are there devastating consequences for businesses, but the mounting pressure and media interest is having a negative impact on the mental health of IT teams. Over the last year, 54 per cent of cybersecurity leaders reported that ransomware attacks have a negative impact on their mental health, with 56 per cent claiming it gets more stressful every year. The result is that critical staff are being lost. An even more concerning statistic is one-third of decision-makers are thinking of leaving their role in the next two years due to stress or burnout.
With all this in mind, more resources are needed to protect businesses but also their employees. Currently, half of decision-makers allocate less than $550k to cybersecurity, and a single attack could consume 20 per cent of that budget. With the hefty financial toll of ransomware attacks, a more sustainable solution (that encompasses the business as a whole) is needed. This means allocating adequate resources that align with the severity of the threat.
Static Strategies Against Evolving Threats
While ransomware attacks continue to rise in volume and severity, defences have remained alarmingly stagnant. The number of organisations experiencing a loss in revenue this year has increased by almost 10 per cent, as has the number of leaders that have encountered an attack using compromised tactics. However, while there is waning confidence in the ability to mitigate the damage, it’s no longer viable to depend on insurance providers; many are limiting the coverage provided against certain types of attacks. Instead, the rise in the use of compromised credentials should drive security leaders to double down on cyber security to prevent credential harvesting.
As vulnerability and exposure continue to rise, a rapid change is needed to reduce the risk. Almost half of security leaders believe they need to update their security systems to prevent and prepare for attacks, as well as need higher quality security awareness training for end-users. These are business basics that are sorely lacking in many cases. Almost all of the leaders consulted believe more budget is required to address the threat of ransomware.
The Importance of Proactive Prevention
The rise in attacks has led to a sense of inevitability around ransomware, leading security leaders to put a greater emphasis on mitigation rather than prevention. Almost 50 per cent of leaders now think that file backup and recovery is the most critical technology for mitigating the impact of ransomware attacks, a rise of 10 per cent from last year.
However, the report highlights some distinct gaps in security coverage. Over half of cybersecurity leaders encountered phishing emails with ransomware attachments last year, yet only 39 per cent consider flagging suspicious email messages with warning banners as one of the most effective protective measures against ransomware. Meanwhile, only 35 per cent are investing additional budget in artificial intelligence and machine learning and introducing secure email gateways. These technologies are drastically underutilised and can be fundamental in reducing vulnerability.
Cybersecurity leaders aren’t currently tapping into the power of integration despite the growing complexity of enterprise networks. Shared threat intelligence represents a missed opportunity for many organisations to gain better visibility and earlier threat detection. Ultimately, relying on mitigation alone is a dangerous strategy; there is space for a more proactive stance on prevention with best practices in place to reduce the likelihood of an attack and lower the impact.
Recommendations for Your Business
To combat the threat of ransomware, businesses need to focus on improving their proactive security posture. The report includes three key recommendations:
- Integrate security tools - by integrating security tools, organisations can improve threat detection capabilities and responses and alleviate pressure on IT teams.
- Implement best practices - cyber risk should be considered a priority at board level, with leaders taking an involved approach. Meanwhile, security awareness should be implemented across the business and up-to-date email security solutions should be enforced.
- Evaluate real consequences of an attack - best practices should be followed throughout to ensure data backups are completed regularly and response plans are fully assessed to highlight any gaps in business continuity planning.
How to Improve Your Cybersecurity Posture
Ransomware won’t stand still, so it’s critical that your cybersecurity teams don’t either. Making the best use of resources can help to lower the total cost of ransomware to your organisation.
If you would like a consultation on security solutions that will improve your security posture or if you would like more guidance in developing a comprehensive cyber strategy to mitigate the risk of a ransomware attack, contact the cybersecurity experts at InfoTrust today.
see our
Related resources
Mimecast recently released its State of Email Security Report for 2021. The fifth edition of its annual report used interviews with over twelve hundred of information technology and cybersecurity professionals across the globe to gather vital cybersecurity insights. The report offers an insight into the latest email threats along with advice on how to build cyber resilience and mitigate the risks of email-borne attacks.
Cyber attacks and data breaches have been commonplace in the news headlines for some time now. Although a warning from the media is certainly helpful, there is so much more that can be done when it comes to threat intelligence sharing. Threat intelligence sharing is an important part of the global cybersecurity community effort to tackle cybercrime and should form a part of every organisation’s cybersecurity strategy. Sharing cyber threat intelligence enables organisations to make informed decisions about their cybersecurity, building more effective and robust cyber defences.
One of my favourite annual reports to read is the Verizon Data Breach Investigations Report. It’s packed full of insights about the threat landscape and security leaders, in my opinion, should read this report to get a pulse on what’s happening in cyber-scape.
After all, as cyber leaders, we are here to stop breaches – so the insights gained from real cyber incidents and breaches is gold in learning how to tighten up our defences.
All businesses, large and small, are under increasing pressure to demonstrate that they are managing the risk of cyberattacks. This means having the right processes and controls in place to identify risks and vulnerabilities, protect information, as well as detect, respond, and recover in the event of cybersecurity incidents. As such, many businesses are turning to certification authorities and security frameworks to demonstrate privacy and security best practice and achieve compliance with regulatory bodies. System and Organisation Controls (SOC 2) is one such compliance framework that can help organisations to create a structured approach to cybersecurity.
Frost & Sullivan has recently released its 2021 Frost Radar: Email Security report, where its findings provide a benchmarking framework to help businesses protect their email from cyber threats.
As we operate in an increasingly digital world, every business collect, store, and share more and more data. And, amongst that data is personal information. With the OAIC marking this year’s Privacy Awareness Week (PAW) from Monday 3 May to Sunday 9 May 2021, it’s time for us all to review how we protect our customers’ personal information.
We're Here To Help