Orgs Report Mixed Progress on Ransomware Defense
A survey of 400 technology, financial and security leaders published today by HYCU, a provider of a data protection platform, suggested most organizations are better prepared to thwart a ransomware attack, with 54% reporting they are either mostly prepared (32%) or as prepared as possible (22%). A total of 42% of respondents said they now spend one to five hours a week on ransomware preparedness, while 28% said they are spending 10 hours or more.
Just over 55% of respondents indicated that they can recover from such an attack in one day or less. However, only 45% of respondents indicated recovery from an attack would be very or somewhat easy. A total of 65% said their existing backup and recovery tools were either somewhat (53%) or not (12%) sufficient.
The biggest obstacles to improving recovery time and recovery point objectives are financial constraints (54%) and staffing constraints (43%), the survey found.
In total, the survey found 42% of respondents acknowledged their organization experienced a ransomware incident of any size that resulted in infiltration and/or encryption. Among those victimized, 20% admitted to paying a ransom to recover data. More than half (52%) experienced some loss of data while 63% said that an attack resulted in an operational disruption to the business.
HYCU CEO Simon Taylor said most organizations today still don’t fully appreciate the total cost of a ransomware attack because the value of lost data is not as easily measured as ransomware payments. The odds organizations are going to at least lose some data only continue to increase as both the cost of launching a ransomware attack continues to drop and the total number of platforms that need to be protected expands, he added. In total, it’s not uncommon for some organizations to have as many as 170 different data platforms that require protection, Taylor noted. Only 44% of respondents, however, said that the rise of work-from-home created new risks and complications in terms of battling ransomware.
In general, the survey found most organizations’ boards of directors focused on data protection (72%). That shift is pushing more cybersecurity teams to focus on backup and recovery because the board is asking those teams how long it would take for the organization to recover from a ransomware attack, said Taylor. The budget for data protection platforms, however, still resides with IT operations teams, he added.
Overall, 46% of respondents increased spending on both recovery and prevention, while 54% increased spending on ransomware detection, the survey found. Among organizations that experienced an attack, 51% increased spending on data protection while 50% implemented different backup and recovery technologies.
A total of 42% also implemented comprehensive information security, email and ransomware training programs, with another 48% starting the process.
It’s not clear how the relationship between cybersecurity and data protection will evolve, to one degree or another, as the volume and sophistication of ransomware attacks increases. However, it is clear that the backup and recovery process needs to become more automated if organizations hope to limit disruption and eliminate the need to ransom data.
