Over Two-Thirds of Organizations Have No Ransomware-Specific Incident Response Playbook

Ransomware Greatest Threat ConcernA newly released report on ransomware preparedness shows organizations are improving their security stance in comparison to last year, but overall still aren’t doing enough.

It appears that organizations are “finally taking the ransomware threat seriously and reconfiguring cybersecurity programs to account for the prominence of ransomware attack vectors” - at least according to the State of Ransomware Preparedness Research Study: 2022 from security vendor Axio. When comparing several aspects of cybersecurity with 2021, the report shows increases in the percentage of organizations implementing their security, including:

  • Multi-Factor Authentication (implemented by 44% of organizations, versus 37% in 2021)
  • Preventing Privilege Escalation (42% versus 34%)
  • Limit Access to Local Admin Account (53% versus 44%)
  • Limit Access to Domain Controllers (36% versus 31%)
  • Evaluate Third-Party Cybersecurity Posture (39% versus 29%)

But in the case of preparing specifically for ransomware, according to the report, only 31% of organizations have a playbook to address handling an incident. While an improvement over the previous year (with only 21% having a ransomware playbook), the 2022 percentage is still a very concerning number.

With phishing being the primary attack vector, the report points out that 94% of organizations have controls in place to scan and block malicious email, and 89% of them provide processes for employees to report phishing attempts.

What’s missing from all this really great (and encouraging) detail is the lack of any mention of security awareness training to further protect against phishing attempts by leveraging the user to improve the organizations security posture.

We’re encouraged by the data shown in the Axio report, but there’s obviously a long way for organization’s to go to improve their security posture.

Get Your Ransomware Hostage Rescue Manual

Ransomware Hostage Rescue Manual Cover 2022This 26-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with ransomware. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:

  1. What is Ransomware?
  2. Am I Infected?
  3. I’m Infected, Now What?
  4. Protecting Yourself in the Future
  5. Resources

Don’t be taken hostage by ransomware. Download your rescue manual now! 

Get Your Manual

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Topics: Ransomware

Subscribe To Our Blog

Free Phishing Security Resource Kit

Get the latest about social engineering

Subscribe to CyberheistNews