«
»

40% of Companies Want To “Leave” Ransomware to IT

In their annual ransomware survey, Hornet Security found that nearly 60% of companies were still ‘very’ to ‘extremely’ concerned about ransomware attacks. However, almost 40% said they were “happy to “leave it to IT to deal with the issue’.

While 87.8% confirmed they have a disaster recovery plan in place for a ransomware attack, more than one in eight organizations, or 12.2%, have no disaster recovery plan.  The primary reason for no plan was that it was ‘not considered a priority by management.”

Most used tools to combat potential threats:

  • 87.8% –    End-point detection software with anti-ransomware capabilities
  • 84.4% –    Email filtration and threat analysis’
  • 22.4% –    ‘AI-enabled security solutions’ to combat ransomware

The most common primary security feature to protect backups from ransomware is:

  • 40.6% – Immutable storage
  • 38.3% -Tight control of user and application permissions
  • 27.8% – Air-gapped storage

Craig Harber, Security Evangelist: Open Systems had this to say:

    “Last year was a breakout year for ransomware and it continues to plague all industry sectors to varying degrees. The financial and brand reputation effects of ransomware forced many to rethink their investments in cybersecurity tools and best practices. Despite the potential devastating impacts of a ransomware attack, there are still organizations that don’t believe ransomware is a priority because they haven’t been targeted or they are unwitting of the fact they have been targeted and possibly breached. Ransomware is here to stay for the foreseeable future.

   “Organizations need to understand there is no silver bullet to defend against ransomware. It will take a multilayered approach by security teams to improve IT security tools, proactively monitoring and hunting for indications of an attack, and training the workforce on their cybersecurity responsibilities.”

Dave Ratner, CEO, HYAS follows with this comment:

   “Ransomware continues to be a major issue for companies of all sizes, and too many do not implement a security-in-depth strategy needed to drive resiliency.  Regardless of the EDR and other prevention-oriented components, a modern strategy must be complimented with Protective DNS and other visibility solutions to identify the telltale signs of a breach before encryption and damage occurs.”

For those 12.8% who have no plans to deal with a ransomware attack, I simply have to shake my head as they are just asking to be put out of business. Because one ransomware attack will take them out. Just look at this example.

This entry was posted on October 12, 2023 at 8:36 am and is filed under Commentary with tags . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “40% of Companies Want To “Leave” Ransomware to IT”

  1. 40% of Companies Want To “Leave” Ransomware to IT – 2nd Edition Says:
    November 13, 2023 at 4:20 pm

    […] 40% of Companies Want To “Leave” Ransomware to IT> – itnerdA recent ransomware survey conducted by Hornet Security revealed that nearly 60% of companies are still highly concerned about ransomware attacks. Surprisingly, around 40% of organizations are willing to leave the responsibility of dealing with the issue to their IT departments. While the majority (87.8%) of companies have a disaster recovery plan in place, 12.2% reported having no plan due to a lack of management prioritization. To combat potential threats, the most commonly used tools are end-point detection software with anti-ransomware capabilities (87.8%), email filtration, and threat analysis (84.4%), and AI-enabled security solutions (22.4%). The survey also highlighted that the primary security feature to protect backups from ransomware is immutable storage (40.6%), followed by tight control of user and application permissions (38.3%), and air-gapped storage (27.8%). Security experts emphasized the need for a multilayered approach to defend against ransomware, including improving IT security tools, proactive monitoring, and hunting for signs of an attack, as well as providing cybersecurity training to the workforce. They stressed that ransomware attacks are a persistent threat and organizations cannot afford to overlook the importance of investing in robust security measures. Experts also highlighted the significance of implementing a security-in-depth strategy to enhance resiliency, recommending the use of protective DNS and other visibility solutions to identify early signs of a breach before encryption and damage occur. Companies that do not prioritize ransomware protection are putting themselves at significant risk of being put out of business with just one successful attack.Link: https://itnerd.blog/2023/10/12/40-of-companies-want-to-leave-ransomware-to-it/ […]

    Reply

Leave a Reply

%d