, ,

Rampant ransom payments highlight need for urgent action on cyber resiliency

A whopping 69% of organizations have reported paying ransoms this year, according to research by Cohesity, with 46% handing over a quarter of a million dollars or more to cybercriminals. It is hardly the picture of resiliency that is often painted by industry. Clearly, there is a disconnect between cyber resiliency policy and operational capability that urgently needs addressing. 

With the advent of Ransomware-as-a-Service platforms and the current global geopolitical situation, organizations face a huge existential threat through destructive cyber attacks that could put them out of business. This gap between confidence and capability needs to be addressed, but in order to do so, those organizations need to recognize there is a problem in the first place.

According to the Global cyber resilience report 2024, which surveyed 3,139 IT and Security Operations (SecOps) decision-makers, despite 77% of companies having a 'do not pay' policy, many have found themselves unable to respond and recover from attacks without caving in to ransom demands. In addition, only 2% of organizations can recover their data and restore business operations within 24 hours of a cyberattack – despite 98% of organizations claiming their recovery target was one day.

This clearly indicates that current cyber resilience strategies are failing to deliver when it matters most. Companies have set ambitious recovery time objectives (RTOs), but are nowhere close to building the appropriate effective and efficient investigation and threat mitigation capability needed to rebuild and recover securely. Most organizations treat a destructive cyber attack like a traditional business continuity incident like a flood, fire or electricity loss – recovering from the last backup and bringing back in all the vulnerabilities, gaps in prevention and detection, as well as persistence mechanisms that caused the incident in the first place. The gap between these goals and actual capabilities is a ticking time bomb, leaving businesses vulnerable to prolonged downtime and severe financial losses.

Equally alarming is the widespread neglect of Zero-Trust Security principles. While many companies tout their commitment to securing sensitive data, less than half have implemented multi-factor authentication (MFA) or role-based access controls (RBAC). These are not just best practices; they are essential safeguards in today’s threat landscape. Without them, organizations are leaving the door wide open to both external and internal threats.

As cyber threats continue to evolve, with 80% of companies now facing the threat of AI-enabled attacks, the need for a robust, modern approach to data resiliency is more urgent than ever. Yet, the continued reliance on outdated strategies and the failure to adapt to new threats sets the stage for even greater risks. It’s not even a question of complacency.

Building confidence or creating false hope?

With 78% of organizations claiming that they are confident in their cyber resilience capability, this infers that a lot of work has already been done in creating the process and technology to not just isolate attacks but also have the ability to recover a trusted response capability to investigate, mitigate threats and recover. This would be great if true, but we are seeing a real disconnect between perception and reality when it comes to cyber resilience.

That’s a big concern. The financial impact of these failures is not limited to ransom payments alone. The true cost of inadequate cyber resilience extends far beyond the immediate outlay. Prolonged downtime, loss of customer trust, criminal prosecutions for false attestations around the quality of security controls or paying ransoms to sanctioned entities, brand damage, and skyrocketing cyber insurance premiums are just a few consequences that can damage an organization. It’s a sobering reminder that investing in and testing robust cyber resiliency measures upfront is far more cost-effective than dealing with the fallout of a successful attack.

Moreover, the report reveals that only 42% of organizations have the IT and Security capabilities to identify sensitive data and comply with their regulatory requirements. This deficiency exposes companies to significant fines and undermines their ability to prioritize protecting the very data that is the lifeblood of their organization and is subject to regulatory obligations.

With the expected rise of AI-enhanced cyberattacks adding another layer of capability to cyber adversaries, organizations with traditional defenses will have their work cut out. They are no match for these effective and high-efficient threats, which can adapt and evolve faster than most organizations can respond. Organizations need AI-tools to counter these emerging AI-driven threats.

Identify a problem to fix a problem

The report ultimately reveals opportunities for improvement. People, processes, and tools do exist to reverse these trends and close gaps to shore up cyber resilience. Still, organizations need to understand where they currently sit regarding resiliency and be honest with themselves.

The right workflow collaboration and platform integration between IT and Security needs to be developed before an incident. Organizations must engage in more realistic and rigorous threat modelling, attack simulations, drills and tests to understand their strengths and weaknesses. This can ensure that the response and recovery process is effective and that all stakeholders are familiar with their roles during an incident or can identify shortcomings and areas for improvement.

In addition, automated testing of backup data can verify the integrity and recoverability of backups without manual intervention. This automation helps ensure that backups are reliable and can be restored quickly when needed.

Finally, maintaining detailed documentation and recovery playbooks helps ensure everyone knows their responsibilities and what steps to take during an incident. These playbooks should be regularly updated based on changes in adversary behavior and the results of testing and drills.

And this is just a start. To fully reduce operational risk, a transition to modern data security and management processes, tools, and practices is required. Perhaps then, we will see a reduction in ransom payments and a cyber resilience confidence built on reality.

We've rated the best identity management software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

https://www.techradar.com/pro/rampant-ransom-payments-highlight-need-for-urgent-action-on-cyber-resiliency


December 2024
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

About Us

Welcome to encircle News! We are a cutting-edge technology news company that is dedicated to bringing you the latest and greatest in everything tech. From automobiles to drones, software to hardware, we’ve got you covered.

At encircle News, we believe that technology is more than just a tool, it’s a way of life. And we’re here to help you stay on top of all the latest trends and developments in this ever-evolving field. We know that technology is constantly changing, and that can be overwhelming, but we’re here to make it easy for you to keep up.

We’re a team of tech enthusiasts who are passionate about everything tech and love to share our knowledge with others. We believe that technology should be accessible to everyone, and we’re here to make sure it is. Our mission is to provide you with fun, engaging, and informative content that helps you to understand and embrace the latest technologies.

From the newest cars on the road to the latest drones taking to the skies, we’ve got you covered. We also dive deep into the world of software and hardware, bringing you the latest updates on everything from operating systems to processors.

So whether you’re a tech enthusiast, a business professional, or just someone who wants to stay up-to-date on the latest advancements in technology, encircle News is the place for you. Join us on this exciting journey and be a part of shaping the future.

Podcasts

TWiT 1011: The Year in Review – A Look at the Top Stories of 2024 This Week in Tech (Audio)

What's behind the tech industry's mass layoffs in 2024? : NPR Rabbit R1 AI Assistant: Price, Specs, Release Date | WIRED Stealing everything you've ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster. Microsoft delays Recall after security concerns, and asks Windows Insiders for help The Qualcomm Snapdragon X Architecture Deep Dive: Getting To Know Oryon and Adreno X1 Elon Musk: First Human Receives Neuralink Brain Chip Apple hit with €1.8bn fine for breaking EU law over music streaming Bluesky emerges The hidden high cost of return-to-office mandates Apple's Car Was Doomed by Its Lofty Ambitions to Outdo Tesla SpaceX pulls off unprecedented feat, grabs descending rocket with mechanical arms U.S. versus Apple: A first reaction Google Says It Won't Force Gemini on Partners in Antitrust Remedy Proposal U.S. Accuses Chinese Hackers of Targeting Critical Infrastructure in America U.S. Agency Warns Employees About Phone Use Amid Ongoing China Hack AT&T says criminals stole phone records of 'nearly all' customers in new data breach National Public Data confirms breach exposing Social Security numbers Schools Want to Ban Phones. Parents Say No. New York passes legislation that would ban 'addictive' social media algorithms for kids GPT-4o (omni) + new "Her"-style AI assistant (it's nuts) Google emissions jump nearly 50% over five years as AI use surges Trump proposes strategic national crypto stockpile at Bitcoin Conference Ten additional US states join DOJ antitrust lawsuit looking to break up Live Nation and TicketmasterThe Internet Archive just lost its appeal over ebook lending Hezbollah Pagers Explode in Apparent Attack Across Lebanon OpenAI raises $6.6 billion in largest VC round ever Painting by A.I.-Powered Robot Sells for $1.1 Million Netflix's Live Mike Tyson Vs. Jake Paul Fight Battling Sound & Streaming Glitches In Lead-Up To Main Event Infowars Sale to The Onion Rejected by Federal Bankruptcy Judge Supreme Court agrees to hear challenge to TikTok ban So You Want to Solve the NJ Drone Mystery? Our Expert Has Some Ideas Beeper's push for iMessage on Android is really over The Quiet Death of Ello's Big Dreams Japan finally ends mandatory form submission on floppy disks We'll Miss You: Pioneering instant messaging program ICQ is finally shutting down after nearly 30 years Spotify is going to break every Car Thing gadget it ever sold Game Informer to Shut Down After 33 Years In Memoriam Host: Leo Laporte Guests: Fr. Robert Ballecer, SJ, Richard Campbell, and Mikah Sargent Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: bitwarden.com/twit
  1. TWiT 1011: The Year in Review – A Look at the Top Stories of 2024
  2. TWiT 1010: The Densest State in the US – TikTok Ban, Drones Over Jersey, GM Quits Robotaxis
  3. TWiT 1009: Andy Giveth & Bill Taketh Away – Trump's Tech Titans, Crypto Boom, TikTok's US Ban, Intel CEO Exits
  4. TWiT 1008: Internet Legal – Australia's Social Media Ban for Kids, Smart Home Nightmare, Bluesky's Ascent
  5. TWiT 1007: All the Hotdogs in the World – China's "Salt Typhoon" Hack, Google on the Chopping Block, Recall AI