Data Protection Investments Fail to Blunt Ransomware Impact

A survey of 107 IT professionals suggested existing investments in data protection are doing little to minimize the impact of a ransomware scourge that has reached epidemic proportions. Approximately three-quarters of survey respondents (75%) reported their organizations had data security, prevention and detection, and backup and recovery tools in place, yet 59% of those respondents admitted they were eventually forced to give in to ransomware demands.

Conducted by the market research firm CensusWide on behalf of Titaniam, a provider of tools for encrypting data, the survey also found more than 70% of respondents reported their organization was attacked within the last five years, and 40% said they were attacked in the last 12 months.

Among those respondents, 68% had data exfiltrated and 60% of those victims were subsequently extorted to prevent public disclosure of that data.

In addition to backup and recovery, the survey found data masking (54%), encryption at rest (49%), encryption in transit (49%) and tokenization (25%) are the main methods being used to protect data.

Despite those investments, however, a full 99% of respondents reported they are looking for better data protection tools, with 90% reporting their current budgets are adequate. Data security was ranked as the top budget priority for 59% of respondents, followed by prevention/detection at 56% and backup/recovery tools at 47%.

Observing peers being attacked (33%), management’s request (29%), and compliance (24%) are mostly driving budget decisions, while just 10% said they attributed investments to learning from their own attacks.

Ransomware attacks are, of course, not the only means by which organizations lose data. Nearly half of respondents (47%) reported losing data by means other than ransomware, such as through credential theft.

Titaniam CEO Arti Raman said regardless of how data is lost, it’s clear that legacy approaches to cybersecurity are not meeting the current challenge. Organizations require approaches that combine high-performance encryption capable of addressing data sets that are increasing in volume with integrated key controls that prevent attacks, especially those that use elevated privileges to access an organization’s most sensitive data, she noted.

In many cases, the data protection tools and platforms are simply outdated, or the processes required to use them are too cumbersome for organizations to manage effectively. The one thing that is clear, however, is that almost every organization, not surprisingly, is studying its options.

Unfortunately, in the meantime, ransomware attacks are becoming more targeted. While there are still highly automated opportunistic attacks being launched, there has also been a marked increase in sophisticated attacks aimed at high-value targets. In many cases, cybercriminals are lingering in environments they have breached to determine not just what data to steal but also its real worth to the business. Those attacks are usually followed by ransom demands that, while still painful, are within the realm of what the organization can afford.

It may be years before technologies are in place to prevent ransomware attacks from occurring. The issue now, like it or not, is to make sure those attacks don’t result in an organization paying the ransom; to do that, organizations must ensure they have access to pristine copies of their most critical data.

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
