Report: 60% of U.S. infosec professionals believe ransomware is as serious as terrorism

Enterprise

Hear from CIOs, CTOs, and other C-level and senior execs on data and AI strategies at the Future of Work Summit this January 12, 2022. Learn more


According to a recent survey by Venafi, ransomware attacks spiked by 250% in the first half of 2021 alone. By the end of 2021, it’s estimated that every 11 seconds, an organization will be hit with a ransomware attack. These rising threats led to almost two-thirds of security decision makers (60%) declaring that ransomware should be prioritized at the same level as terrorism, echoing the U.S. Department of Justice’s assessment following the Colonial Pipeline attack earlier this year.

The survey explores how infosec leadership is responding to rapidly growing ransomware threats. Their responses are critical considering two-thirds (67%) of respondents from organizations with 500+ employees reported a ransomware attack last year — a number that rises to 80% for respondents from organizations with 3,000-4,999 employees.

The survey also found almost 1 in 10 (8%) companies that suffered a ransomware attack in the last year paid the ransom. On the flip side, 22% of those surveyed believe it is morally wrong to pay a ransom even if the attack seriously compromises critical business data or systems. However, the report shows that of those who would pay a ransom, 57% of respondents would reverse that decision if they were required to report the payment publicly.

And, while most organizations have multiple security controls in place that help detect and limit the impact of a ransomware attack, many of these security controls are not optimized for modern network infrastructure. Digitally transformed networks require a new approach to security, such as the use of “built-in” security controls that break the ransomware kill chain early in the attack cycle. Of the security controls respondents report using, only three fit these criteria: internal code signing, restricting macros, and restricting PowerShell scripts. Yet these three controls have the lowest adoption rates, according to the study.

More than three quarters (77%) of the organizations are committed to increasing their spend on ransomware security over the next 12 months. Given the increasing risks, it’s more important than ever that organizations shift their investment strategies to focus on ransomware protection designed for modern networks.

Data from the survey was compiled from the responses of over 1,500 IT security officers.

Read the full report by Venafi.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member