Security Pros Lack Confidence in Ransomware Recovery

September 1, 2016

Only 34 percent of IT Pros are “very confident” they could recover from a ransomware infection without losing critical data.

According to a Tripwire survey, 38 percent and 32 percent of respondents to its Black Hat survey were “very confident,” respectively.

“Successfully recovering from ransomware is well documented, whether through data recovery to paying ransom,” said Travis Smith, senior security research engineer at Tripwire. “It’s important for businesses to understand the costs associated with data recovery so that they’re prepared for a ransomware infection. Follow the 3-2-1 data backup rule: gather three copies of the data on two different types of media, with one of these copies stored off-site.”

The FBI has reported that ransomware attacks amassed more than $200 million during the first three months of 2016, signaling that cyber criminals are on track to gain over $1 billion through ransomware by the end of the year. According to research from Malwarebytes, nearly 40 percent of businesses experienced ransomware attacks between June 2015 and June 2016. Ransomware infections can be spread through a variety of tactics, including spear-phishing, malvertising, exploit kits and more.

Additional findings from the survey included:

• Fifty-three percent of the respondents were confident their executives could spot a phishing scam. Only forty-eight percent of the respondents at both the RSA Conference 2016 and Infosecurity Europe 2016 answered similarly.
• Only 19 percent of the respondents considered ransomware one of the top two security threats their organizations face.
• Only 22 percent of the respondents considered phishing one of the top two security threats their organizations face.

Smith continued: “Training is a vital aspect of preventing successful phishing attacks, especially as spear-phishing and ‘whaling’ campaigns can be more difficult to detect. It’s increasingly important for executives and high-profile employees to be prepared. Users should assume links and attachments are guilty until proven innocent; verify the sender’s intent before trusting their data.”

http://www.tripwire.com/company/research/tripwire-black-hat-2016-survey-ransomware-phishing/

You must login or register in order to post a comment.

The Value of a Unified Approach to Critical Event Management

From extreme weather to cyberattacks to workplace violence, every organization will experience at least one, if not multiple, critical events per year. And in today’s interconnected digital and physical world, the cascading safety, brand, and revenue impacts of critical events are more severe. Organizations need to be prepared through a unified and rapid response to these events.

Poll

Emergency Communications

View Results

Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Magazine

2020 January

This month, Security magazine highlights the importance of establishing the right metrics for your security program. Also, we highlight Eric Clay, Director of Public Safety for CoxHealth, and discuss how to build a successful K-9 Program and rethink "red flags" to prevent insider threat attacks. Industry leaders discuss this year's Presidential Election security and 2020 predictions for the security industry.

View More Create Account

Security Pros Lack Confidence in Ransomware Recovery

Related Articles

Related Products

Report Abusive Comment