Ransomware threatens every enterprise
In a study produced by YL Ventures, interviews of forty CISOs reveal that enterprises are slow to directly fight ransomware in their enterprise computing systems, and worse, are even slower to protect their cloud infrastructure. The study, the YL Ventures CISO Circuit Report Q2, revealed that nearly half of the enterprises surveyed have been victims of successful ransomware attacks and have had to agree to the terms of the attackers.
According to Gili Berkovitz, an Associate at YL Ventures and lead analyst of the report, one of the most surprising findings of the study was that many respondents did not believe that they needed a dedicated anti-ransomware solution.
“What clients prefer is a multi-layered approach not just ransomware,” Berkovitz said. She said that they thought enterprises would want a dedicated solution, but that’s not what they found. Instead, what Berkovitz and her team found was while they thought they had prevention for ransomware, what they actually had was an anti-ransomware function in a multi-tiered security stack, in which ransomware protection was only a part.
Files locked by Ransomware
Berkovitz said that while the enterprises they surveyed were spending their resources on prevention, it wasn’t always effective. “There’s no such thing as 100 percent prevention,” she said.
Berkovitz said that the enterprises surveyed had tried a number of approaches to preventing ransomware, and she said that currently the average number of solutions in a given enterprise was five different products or other solutions. But of that, only 22 percent actually had some form of dedicated anti-ransomware in use.
Ransomware in the Cloud
Perhaps more concerning, enterprises appear to be paying relatively little attention to their cloud-based assets, apparently believing that the providers had already hardened them. Berkovitz said that only 23 percent of the respondents to the survey think they will need a new solution when it comes to handling ransomware attacks on cloud assets, while over half believed that they would need to make only minor adjustments to their existing security suites to protect their clouds from ransomware.
Berkovitz also noted that while enterprises aren’t currently assigning dedicated resources to protect their cloud-based assets from ransomware, 75 percent of respondents already believe that ransomware is attacking cloud resources.
“As data shifts to the cloud, it’s clear that more attacks will go there,” she said. While she said that most respondents are concerned about phishing and unpatched vulnerabilities, which are two primary means of attacking enterprises and their cloud-based assets with ransomware, most are counting on the protections built into their security solutions and do not feel they need a specific, dedicated anti-ransomware solution, despite the damage it can do to the enterprise.
What’s needed, according to the study, is constant vigilance that the IT security stack is continually enhancing anti-ransomware prevention and detection features, and sustaining readiness to recover from the damage it causes if the worst happens.
“Many of our respondents doubt one solution will ever be able to cover the entire scope of its risk, believing instead in utilizing a full security stack for a multi-layered approach that addresses many security concerns at once,” the study concludes.
“Without a point solution, security teams must continue to rely on the collective protection, response and recovery offered by their changing and growing security stacks. This holistic approach is necessary so long as ransomware cannot be fully prevented, though it is worth considering that perfect backup systems are not yet available, either.”
Stay connected with us on social media platform for instant update click here to join our Twitter, & Facebook
We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.
For all the latest Technology News Click Here
