Security Pros Lack Confidence in Ransomware Recovery

September 1, 2016

Only 34 percent of IT Pros are “very confident” they could recover from a ransomware infection without losing critical data.

According to a Tripwire survey, 38 percent and 32 percent of respondents to its Black Hat survey were “very confident,” respectively.

“Successfully recovering from ransomware is well documented, whether through data recovery to paying ransom,” said Travis Smith, senior security research engineer at Tripwire. “It’s important for businesses to understand the costs associated with data recovery so that they’re prepared for a ransomware infection. Follow the 3-2-1 data backup rule: gather three copies of the data on two different types of media, with one of these copies stored off-site.”

The FBI has reported that ransomware attacks amassed more than $200 million during the first three months of 2016, signaling that cyber criminals are on track to gain over $1 billion through ransomware by the end of the year. According to research from Malwarebytes, nearly 40 percent of businesses experienced ransomware attacks between June 2015 and June 2016. Ransomware infections can be spread through a variety of tactics, including spear-phishing, malvertising, exploit kits and more.

Additional findings from the survey included:

• Fifty-three percent of the respondents were confident their executives could spot a phishing scam. Only forty-eight percent of the respondents at both the RSA Conference 2016 and Infosecurity Europe 2016 answered similarly.
• Only 19 percent of the respondents considered ransomware one of the top two security threats their organizations face.
• Only 22 percent of the respondents considered phishing one of the top two security threats their organizations face.

Smith continued: “Training is a vital aspect of preventing successful phishing attacks, especially as spear-phishing and ‘whaling’ campaigns can be more difficult to detect. It’s increasingly important for executives and high-profile employees to be prepared. Users should assume links and attachments are guilty until proven innocent; verify the sender’s intent before trusting their data.”

http://www.tripwire.com/company/research/tripwire-black-hat-2016-survey-ransomware-phishing/

You must login or register in order to post a comment.

2019 State of Organizational Resilience Report: Global Trends, Data and Analysis

Critical events can vary widely in type and size – from natural disasters to workplace violence – and a drawn-out response can lead to significant operational losses, brand damage, and concerns for health and safety. Organizational Resilience is the ability to identify, prepare for, and resolve these critical events, which is a vital trait for any mature institution.

The 2019 Security 500 Report will unveil the top 10 trends CSOs and enterprise security executives are facing today and how each of them could impact the enterprise’s global reputation with the public, governments and business partners.

Poll

Emergency Communications

View Results

Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Magazine

2019 November

This month, Security magazine brings you the Security 500 Report, Rankings and Thought Leader Profiles. How does your enterprise compare to others? Which security programs are leading the way? Also this month, we highlight artificial intelligence, ransomware attacks, vaping and cybersecurity regulations.

View More Create Account

Security Pros Lack Confidence in Ransomware Recovery

Related Articles

Related Products

Report Abusive Comment