Blog

The State Of Ransomware Readiness 2022 – The Findings

Sumit Singh
November 7, 2022
Home

Let's Get STARTED

Ransomware is one of the primary threats to today’s modern businesses; it’s so widespread and costly that some insurance companies are reconsidering renumeration and excluding some forms of ransomware attacks from their coverage and policies. With this in mind, it has become even more critical than ever to prevent and mitigate the impact of attacks.

Mimecast’s “The State of Ransomware Readiness” is a global survey that aims to dig deeper into the ransomware threat and its impact on cyber security teams and businesses. To compile the 2022 report, Mimecast consulted 1,1000 cyber security decision-makers across Australia and worldwide to uncover the implications of ransomware and how organisations are defending against attacks today. In this blog, we’ll be summarising the key points raised and recommendations to better prepare your business in the event of an attack.                                                                

THE MOUNTING PRESSURE OF RANSOMWARE ATTACKS

It’s no surprise that security professionals are facing mounting pressure from ransomware attacks, which have been compounded further by the COVID-19 pandemic. Over three-quarters of cyber security, leaders reported an increase in cyberattacks during the last year, with over two-thirds of businesses experiencing at least one ransomware attack.

Ransomware attacks created considerable business disruption over the past year resulting in significant downtime for 40 per cent of the organisations surveyed. However, as well as the operational impacts, there are long-term reputational and legal repercussions to consider. One-fifth of organisations consulted were subject to legal action following a ransomware attack.

Not only are there devastating consequences for businesses, but the mounting pressure and media interest is having a negative impact on the mental health of IT teams. Over the last year, 54 per cent of cyber security leaders reported that ransomware attacks have a negative impact on their mental health, with 56 per cent claiming it gets more stressful every year. The result is that critical staff are being lost. An even more concerning statistic is one-third of decision-makers are thinking of leaving their role in the next two years due to stress or burnout.

With all this in mind, more resources are needed to protect businesses but also their employees. Currently, half of decision-makers allocate less than $550k to cyber security, and a single attack could consume 20 per cent of that budget. With the hefty financial toll of ransomware attacks, a more sustainable solution (that encompasses the business as a whole) is needed. This means allocating adequate resources that align with the severity of the threat.

STATIC STRATEGIES AGAINST EVOLVING THREATS

While ransomware attacks continue to rise in volume and severity, defences have remained alarmingly stagnant. The number of organisations experiencing a loss in revenue this year has increased by almost 10 per cent, as has the number of leaders that have encountered an attack using compromised tactics. However, while there is waning confidence in the ability to mitigate the damage, it’s no longer viable to depend on insurance providers; many are limiting the coverage provided against certain types of attacks. Instead, the rise in the use of compromised credentials should drive security leaders to double down on cyber security to prevent credential harvesting.

As vulnerability and exposure continue to rise, a rapid change is needed to reduce the risk. Almost half of security leaders believe they need to update their security systems to prevent and prepare for attacks, as well as need higher quality security awareness training for end-users. These are business basics that are sorely lacking in many cases. Almost all of the leaders consulted believe more budget is required to address the threat of ransomware.

THE IMPORTANCE OF PROACTIVE PREVENTION

The rise in attacks has led to a sense of inevitability around ransomware, leading security leaders to put a greater emphasis on mitigation rather than prevention. Almost 50 per cent of leaders now think that file backup and recovery is the most critical technology for mitigating the impact of ransomware attacks, a rise of 10 per cent from last year.

However, the report highlights some distinct gaps in security coverage. Over half of cyber security leaders encountered phishing emails with ransomware attachments last year, yet only 39 per cent consider flagging suspicious email messages with warning banners as one of the most effective protective measures against ransomware. Meanwhile, only 35 per cent are investing additional budget in artificial intelligence and machine learning and introducing secure email gateways. These technologies are drastically underutilised and can be fundamental in reducing vulnerability.

Cyber security leaders aren’t currently tapping into the power of integration despite the growing complexity of enterprise networks. Shared threat intelligence represents a missed opportunity for many organisations to gain better visibility and earlier threat detection. Ultimately, relying on mitigation alone is a dangerous strategy; there is space for a more proactive stance on prevention with best practices in place to reduce the likelihood of an attack and lower the impact.

RECOMMENDATIONS FOR YOUR BUSINESS

To combat the threat of ransomware, businesses need to focus on improving their proactive security posture. The report includes three key recommendations:

  1. Integrate security tools - by integrating security tools, organisations can improve threat detection capabilities and responses and alleviate pressure on IT teams.
  2. Implement best practices - cyber risk should be considered a priority at board level, with leaders taking an involved approach. Meanwhile, security awareness should be implemented across the business and up-to-date email security solutions should be enforced.
  3. Evaluate real consequences of an attack - best practices should be followed throughout to ensure data backups are completed regularly and response plans are fully assessed to highlight any gaps in business continuity planning.                

HOW TO IMPROVE YOUR CYBER SECURITY POSTURE

Ransomware won’t stand still, so it’s critical that your cyber security teams don’t either. Making the best use of resources can help to lower the total cost of ransomware to your organisation.

If you would like a consultation on security solutions that will improve your security posture or if you would like more guidance in developing a comprehensive cyber strategy to mitigate the risk of a ransomware attack, contact the cyber security experts at Infotrust today.