With 81% of organizations believing ransomware attacks will become more prevalent in the second half of 2021, nearly everyone is preparing for the worst to come.
You can’t go a day without hearing about some new ransomware attack, a new cybergang popping up, or the detailed aftermath of a prior ransomware attack being made public. And with last month’s attack on the US’s largest gasoline pipeline, the ramifications of such attacks are now clearly evident – well beyond just the cost of paying a ransom.
According to ISACA’s latest survey of 1,200 IT professionals, it appears that organizations are waking up to the fact that ransomware is a much larger problem.
- 46% of organizations consider ransomware to be the cyberthreat most likely to impact their organization in the next 12 months
- 85% think their organization is at least “somewhat prepared” for a ransomware attack
- Only 32% believe their organization is “highly prepared”
ISACA recommends the following strategy:
- Enforced Vulnerability Management to make certain the environment is patched
- Microsegmentation of the network to prevent spreading
- Better Security Monitoring to improve detection
- Offline Backups with a tested recovery process
- Security Awareness Training implemented year-round
According to ISACA, 38 percent of organizations have not conducted any ransomware-related training for their staff, and yet even ISACA cites the “human factor” as one of the reasons ransomware is growing.
We’ve seen massive improvements in organizations utilizing continual Security Awareness Training not just to teach users the basics of “don’t open suspicious emails”, but also to provide consistent update training that includes current scams, social engineering tactics, and phishing campaign themes.