Rampant ransom payments highlight need for urgent action on cyber resiliency

A whopping 69% of organizations have reported paying ransoms this year


News by James Blake, published 17 October 2024


A whopping 69% of organizations have reported paying ransoms this year, according to research by Cohesity, with 46% handing over a quarter of a million dollars or more to cybercriminals. It is hardly the picture of resiliency that is often painted by industry. Clearly, there is a disconnect between cyber resiliency policy and operational capability that urgently needs addressing. 

With the advent of Ransomware-as-a-Service platforms and the current global geopolitical situation, organizations face a huge existential threat through destructive cyber attacks that could put them out of business. This gap between confidence and capability needs to be addressed, but in order to do so, those organizations need to recognize there is a problem in the first place.

According to the Global cyber resilience report 2024, which surveyed 3,139 IT and Security Operations (SecOps) decision-makers, despite 77% of companies having a 'do not pay' policy, many have found themselves unable to respond to and recover from attacks without caving in to ransom demands. In addition, only 2% of organizations can recover their data and restore business operations within 24 hours of a cyberattack, despite 98% of organizations claiming that their recovery target was one day.

This clearly indicates that current cyber resilience strategies are failing to deliver when it matters most. Companies have set ambitious recovery time objectives (RTOs), but are nowhere close to building the effective and efficient investigation and threat mitigation capability needed to rebuild and recover securely. Most organizations treat a destructive cyber attack like a traditional business continuity incident such as a flood, fire or power loss: they recover from the last backup and bring back all the vulnerabilities, the gaps in prevention and detection, and the persistence mechanisms that caused the incident in the first place. The gap between these goals and actual capabilities is a ticking time bomb, leaving businesses vulnerable to prolonged downtime and severe financial losses.

Equally alarming is the widespread neglect of Zero-Trust Security principles. While many companies tout their commitment to securing sensitive data, less than half have implemented multi-factor authentication (MFA) or role-based access controls (RBAC). These are not just best practices; they are essential safeguards in today’s threat landscape. Without them, organizations are leaving the door wide open to both external and internal threats.

As cyber threats continue to evolve, with 80% of companies now facing the threat of AI-enabled attacks, the need for a robust, modern approach to data resiliency is more urgent than ever. Yet, the continued reliance on outdated strategies and the failure to adapt to new threats sets the stage for even greater risks. It’s not even a question of complacency.

James Blake

Global Head of Cyber Resiliency Strategy at Cohesity.

Building confidence or creating false hope?

With 78% of organizations claiming that they are confident in their cyber resilience capability, this implies that a lot of work has already been done to create the processes and technology not just to isolate attacks but also to stand up a trusted response capability to investigate, mitigate threats and recover. This would be great if true, but we are seeing a real disconnect between perception and reality when it comes to cyber resilience.
