Ransomware attacks taking toll on security professionals

Fears over employees ignoring security advice and ransomware attacks evolving beyond company capabilities outweigh personal job security.

Ransomware attacks show no sign of slowing, according to a new research report, ‘2022 Impacts: Ransomware attacks and preparedness’, published today by Menlo Security, a leader in cloud security. A recent survey found that a third of organisations experience a ransomware attack at least once a week, with one in 10 experiencing them more than once a day.

The research, conducted among 500+ IT security decision makers at US and UK organisations with more than 1,000 employees, highlights the impact this is having on security professionals’ own wellbeing. When asked what keeps them awake at night, 41% of respondents say they worry about ransomware attacks evolving beyond their team’s knowledge and skillset, while 39% worry about them evolving beyond their company’s security capabilities.

Their biggest concern, however, is the risk of employees ignoring corporate security advice and clicking on links or attachments containing malware (46%). Respondents worry more about this than they do their own job security, with just a quarter (26%) of respondents worried about losing their job.

According to the report, around half of organisations (61% US and 44% UK) have been the victim of a successful ransomware attack in the last 18 months, with customers and prospects the most likely entry point for an attack. Partners/suppliers and employees/contractors are also seen as serious security risks, although one in 10 admit they are unable to identify how the attacks got in. The top three ransomware attack vectors are email (54%), web browsers via a desktop or laptop (49%) and mobile devices (39%).

“Security professionals are coming under increasing pressure as organisations face an unprecedented number of highly sophisticated threats like ransomware,” comments Mark Guntrip, Senior Director of Cybersecurity Strategy at Menlo Security. “On the frontline of cyber defense, they are often coping with huge amounts of stress, worrying about what employees are doing, their team and whether they are getting the right support internally, so it’s no surprise they are prioritising the business over job security. Indeed, the burnout and high churn rate of CISOs is widely reported.”

Cost of recovery from ransomware attacks underestimated

The report also suggests that there is a growing disparity between the perceived cost and actual cost of recovering from a ransomware attack among security professionals. The survey shows that the average estimated cost is $326,531, with insurance payouts extending up to an average of $555,971 – although a significant minority (24%) admit they don’t know the value of their insurance policy or if they have cover. Industry figures, however, show the average total cost of recovery from a ransomware attack in 2021 was $1.4 million.

Ransomware demands – to pay or not to pay?

There is also some debate about whether to pay a ransomware demand or not. One in three (32%) decision makers worry about the risk of paying a ransomware demand and not getting their data back. Yet nearly two-thirds of respondents would pay a ransomware demand. Almost a third (31%) say it’s down to their insurance company to pay it, and nearly one in five say the government should pay. More than a quarter (27%) of respondents say they would never pay a ransomware demand.

Mark Guntrip adds: “Paying a ransomware demand depends on your level of preparedness – do you have the right processes and strong backup in place? If so, you won’t need to pay it. If, however, your organisation is unable to function as normal, access data or the damage is likely to bring down the business, that’s when you need to re-evaluate your options. With organisations adopting new ways of working and today’s Highly Evasive Adaptive Threats (HEAT), now is the time to re-examine your security structures to make sure you stop attacks before they even happen.”

Sophos has introduced Sophos Managed Detection and Response (MDR) with new 'industry-first' threat detection and response capabilities.
Research reveals today’s organizations face skyrocketing workloads, increasingly sophisticated threats, and poor threat visibility – leading to multiple breaches for 45% of them.
Organisations are feeling pressure as the potential for business disruption increases. With ‘freak’ weather causing data centres to overheat over the summer, and concerns over winter power outages in the face of the energy crisis, business resilience is in the spotlight - it’s become clear that we must expect the unexpected. By Russ Kennedy, Chief Product Officer at Nasuni.
Agreement delivers Okta’s identity-first Zero Trust security solution to the channel in France, Spain, Portugal, Italy and Greece — a vital security tool in an era of remote work.
The new offering leverages Wipro’s recent acquisitions in the consulting space and brings clients an end-to-end solution at a time of heightened cyber risks.
Panzura has launched a new comprehensive data management solution for customers that work in sensitive data environments, such as public sector, healthcare, and financial services. Because the service makes both the snapshots and the data immutable, ransomware attacks can’t damage files in the Panzura global file system. Instead, attacks are shrugged off by quickly reverting to seconds-old data blocks to reassemble uninfected files. Through a new strategic agreement, this new solution, as well as all of Panzura’s other workloads, will run on Amazon Web Services (AWS).
Signings cover significant expansion in Philippines, Saudi Arabia, Poland, Czech Republic, Gulf States, Emirates, Middle East, North Africa, Cyprus and Turkey.
UK professional services organisations are subject to more than three cyberattacks every week, with 60% expecting the total number of successful attacks to increase over the next year.