Security Pros Lack Confidence in Ransomware Recovery

September 1, 2016

Only 34 percent of IT Pros are “very confident” they could recover from a ransomware infection without losing critical data.

According to a Tripwire survey, 38 percent and 32 percent of respondents to its Black Hat survey were “very confident,” respectively.

“Successfully recovering from ransomware is well documented, whether through data recovery to paying ransom,” said Travis Smith, senior security research engineer at Tripwire. “It’s important for businesses to understand the costs associated with data recovery so that they’re prepared for a ransomware infection. Follow the 3-2-1 data backup rule: gather three copies of the data on two different types of media, with one of these copies stored off-site.”

The FBI has reported that ransomware attacks amassed more than $200 million during the first three months of 2016, signaling that cyber criminals are on track to gain over $1 billion through ransomware by the end of the year. According to research from Malwarebytes, nearly 40 percent of businesses experienced ransomware attacks between June 2015 and June 2016. Ransomware infections can be spread through a variety of tactics, including spear-phishing, malvertising, exploit kits and more.

Additional findings from the survey included:

• Fifty-three percent of the respondents were confident their executives could spot a phishing scam. Only forty-eight percent of the respondents at both the RSA Conference 2016 and Infosecurity Europe 2016 answered similarly.
• Only 19 percent of the respondents considered ransomware one of the top two security threats their organizations face.
• Only 22 percent of the respondents considered phishing one of the top two security threats their organizations face.

Smith continued: “Training is a vital aspect of preventing successful phishing attacks, especially as spear-phishing and ‘whaling’ campaigns can be more difficult to detect. It’s increasingly important for executives and high-profile employees to be prepared. Users should assume links and attachments are guilty until proven innocent; verify the sender’s intent before trusting their data.”

http://www.tripwire.com/company/research/tripwire-black-hat-2016-survey-ransomware-phishing/

Developing Mutually Beneficial Public/Private Partnerships in Security

This webinar will offer industry best practices to help your security team create or expand a sustainable program that aids in the fulfillment of your organization’s goals and objectives, while assisting your local agencies in fulfilling some of theirs as well — ultimately offering stronger security and response across both.

This year promises to build on the technological and business model innovations of last year, refine their value propositions, and play a key part for organizations who are navigating through covid-19 and planning for a post-Covid era.

Poll

Video Surveillance

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Pros Lack Confidence in Ransomware Recovery

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

Security Pros Lack Confidence in Ransomware Recovery

Related Articles

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.