Perhaps the most surprising statistics to come out of a new CISOs Connect report, Ransomware In Focus, available here, are that only about 60% of respondents felt they had good data backup and recovery technology, while around a quarter had something in place but wanted to upgrade to something better, and just under 16% had no backup solution at all. To be fair to them, most of those in that latter category did say they were looking into getting one post-breach.
Almost 70% of CISOs surveyed say they fear a ransomware attack and think the problem will not go away easily. In fact, al most 25% of the companies surveyed, and they were from across the spectrum, admitted to not taking adequate steps to protect themselves, meaning they were successfully breached multiple times, resulting in multiple ransom payments.
Just under 70% of companies employing 1,000 to 4,999 people surveyed and just over 60% of companies employing 10,000 to 25,000 people surveyed said they were hit the most. Around 20% of companies employing 100 people or fewer were attacked. Manufacturing was the highest-hit sector (81.3%), followed by telecoms and technology (79.3%.) By comparison, professional services companies got away lightly, but 43.5% of them were attacked, so it’s all relative.
Interestingly, according to the report, CISOs are far more worried about losing sensitive data, getting the business back up and running and losing revenue due to a hack than they are about paying the ransom. 65% paid up if they were hit, but only 55% of those who did pay got all their data back. Most got some, but not all. Despite this, around a third said they would still pay up regardless, while a quarter said they would hedge. 15% said they have Bitcoin in reserve in the likelihood of a breach and 70% said they had a response plan in place.
Source: ITPro
Informed Sauce is hosting an Infinidat-sponsored event in London on 2 December about protecting businesses from cyber crime.
Short talks from the Metropolitan Police, a military-trained cyber threat expert and sponsor Infinidat’s EMEA Field CTO will be followed by a panel-led, room-wide moderated discussion, with plenty of opportunities for you to contribute your thoughts and ask questions.
Visit the event microsite for more details and to sign up.