– New research reveals companies of all sizes affected equally
– Most companies not confident in current security measures
– Manufacturing, Retail and Hospitality industries most targeted
– Poor password discipline remains a major vector
Cymulate, the Extended Security Posture Management market leader, announced the results of a survey, revealing that despite the increase in the number of attacks this past year, overall victims suffered limited damage in both severity and duration. Research taken from nearly 900 enterprise professionals across 14 sectors worldwide highlighted that the majority of respondents undertook proactive measures to prevent the attack before it could cause any significant damage, and the vast majority of those even before it could cause any serious downtime. There was little difference in the size of organizations that ransomware targeted, affecting both large and small companies alike.
Read More: Loopio Places On The Globe And Mail’s Third-Annual Ranking Of Canada’s Top Growing Companies
Highlights include:
- More than half – whether previously hit by ransomware or not – don’t feel confident they can fend off a ransomware attack.
- One-third (28%) of organizations were hit by ransomware over the last few years.
- 23% of smaller business (between 1-1,000 employees) experienced a ransomware attack, 27% of mid-size (between 1,001-5,000) and 23% large enterprises (20,000+).
- Only 14% of respondents that experienced an attack were down for a week or more.
- 19% of the respondents experienced major damages and interruption to business or production and 26% reported that damages were relegated to a few systems.
- 70% report increased awareness of ransomware threats at boardroom level and business management level.
- Frequency of attacks is the highest in APAC, followed by Latin America, Africa and North America.
- All companies, regardless of size have a 1-in-4 chance of being hit by ransomware.
- Prior victims of ransomware are allocating more security budget (64%) and headcount (58%) than organizations not previously attacked. Non victims however are still allocating more security budget (55%) and headcount (37%).
- Most companies are creating new or modified incident response plans with between 43% (victims) to 46% (non-victims).
- Poor password discipline is still a major attack vector.
- Traditional security procedures/purchases were added because of ransomware
- 39% increased end-point detection and response (EDR) and 34% increased multi-factor authentication (MFA) in non-victims and 30% increased EDR in victims.
- 82% of the respondents are adopting offensive cybersecurity solutions.
“This latest survey is critical in helping us understand that while we may be experiencing increased anxiety from the rise in ransomware, we have also learned lessons and are able to both prevent attacks and recover far quicker than before,” said Eyal Wachsman, CEO and Co-Founder of Cymulate. “Organizations still need to remain vigilant as ransomware continues to strike every sector and every size organization. Security teams need to ensure current controls are effective and conduct basic cyber hygiene to prevent further damage.”
Cymulate recently broadened its capabilities, becoming the first company to offer an extended security posture management solution. They provide out-of-the-box, expert and threat intelligence-led risk assessments that are constantly updated and simple to deploy for all maturity levels. Their open framework enables the creation of automated red and purple teaming exercises by generating penetration campaigns and advanced attack scenarios tailored to their unique environments and security policies. Deployable within an hour, Cymulate enables security professionals to continuously challenge, validate and optimize their cyber-security posture end-to-end, across the MITRE ATT&CK® framework.
Read More: SalesTechStar Interview With Ryan Whitney, Chief Sales Officer At AnyRoad