Mumbai: Most organisations globally were more concerned about ransomware than other cyberthreats. Because with any ransomware concerns looms with the possibililty of losing data, revealed Fortinet’s 2021 Global State of Ransomware report.
Majority of organisations surveyed were prepared for a ransomware attack, including employee cyber training, risk assessment plans, and cybersecurity insurance.
The report is based on a global survey of IT decision-makers conducted in August 2021 with 455 business leaders from small and mid to large-sized organisations across nearly all industries from 24 countries.
However, many respondents viewed technologies differently as essential technology solutions for protection and the technology that can best guard against the most commonly reported methods to gain entry to their networks. This clearly indicated gaps on how respondents see technologies.
Based on the technologies viewed as essential, organisations were most concerned about remote workers and devices, with Secure Web Gateway, VPN and Network Access Control among the top choices.
ZTNA shouldbe considered as a replacement for traditional VPN technology although it is an emerging technology. However, most concerning was the low importance of segmentation (31%), a critical technology solution that prevents intruders from moving laterally across the network to access critical data and IP.
Likewise, UEBA and sandboxing play a critical role in identifying intrusions and new malware strains, yet both were lower on the list. Phishing reported as a common entry method of attackers while secure email gateway at 33% was another surprise.
“As evidenced by our ransomware survey, there is a huge opportunity for the adoption of technology solutions like segmentation, SD-WAN, ZTNA, as well as SEG and EDR, to help protect against the threat of ransomware and the methods of access most commonly reported by respondents,” said Rajesh Maurya, Regional VP – India and SAARC – Fortinet.
“The high amount of attacks demonstrates the urgency for organisations to ensure their security addresses the latest ransomware attack techniques acrossnetworks, endpoints, and clouds. The good news is that organisations are recognising the value of a platform approach to ransomware defense,” added Maurya.
Citing FortiGuard Labs Global Threat Landscape report, Maurya stated that ransomware grew 1070% year-over-year.
Organisations More Concerned About Losing Data
The top concern of organisations regarding a ransomware attack was the risk of losing data, with the loss of productivity and the interruption of operations following closely behind.
In addition, 84% of organisations reported having an incident response plan, and cybersecurity insurance was a part of 57% of those plans. In regards to paying ransom if attacked, the procedure for 49% was to pay the ransom outright, and for another 25%, it depends on how expensive the ransom is. Of the one-quarter who paid ransom, most, but not all, got their data back.
Ransomware Concerns Consistent Globally
While concerns about ransomware were reasonably consistent across the board, there were some differences regionally. Respondents in EMEA (95%), Latin America (98%), and APJ (Asia-Pacific/Japan) (98%) were only slightly more concerned about ransomware attacks than their peers in North America (92%).
All regions perceive the loss of data as the top risk associated with a ransomware attack, along with the worry that they will be unable to keep up with an increasingly sophisticated threat landscape. APJ, uniquely, lists the lack of user awareness and training as their top concern.
In past 78% APJ and Latin America residents were more likely to have been victims of a ransomware attack compared to 59% in North America and 58% in EMEA.
Phishing lures were a common attack vector everywhere, while remote desktop protocol (RDP) exploits and open vulnerable ports were top attack vectors in APJ and LatAm.