Security Pros Lack Confidence in Ransomware Recovery

September 1, 2016

Only 34 percent of IT Pros are “very confident” they could recover from a ransomware infection without losing critical data.

According to a Tripwire survey, 38 percent and 32 percent of respondents to its Black Hat survey were “very confident,” respectively.

“Successfully recovering from ransomware is well documented, whether through data recovery to paying ransom,” said Travis Smith, senior security research engineer at Tripwire. “It’s important for businesses to understand the costs associated with data recovery so that they’re prepared for a ransomware infection. Follow the 3-2-1 data backup rule: gather three copies of the data on two different types of media, with one of these copies stored off-site.”

The FBI has reported that ransomware attacks amassed more than $200 million during the first three months of 2016, signaling that cyber criminals are on track to gain over $1 billion through ransomware by the end of the year. According to research from Malwarebytes, nearly 40 percent of businesses experienced ransomware attacks between June 2015 and June 2016. Ransomware infections can be spread through a variety of tactics, including spear-phishing, malvertising, exploit kits and more.

Additional findings from the survey included:

• Fifty-three percent of the respondents were confident their executives could spot a phishing scam. Only forty-eight percent of the respondents at both the RSA Conference 2016 and Infosecurity Europe 2016 answered similarly.
• Only 19 percent of the respondents considered ransomware one of the top two security threats their organizations face.
• Only 22 percent of the respondents considered phishing one of the top two security threats their organizations face.

Smith continued: “Training is a vital aspect of preventing successful phishing attacks, especially as spear-phishing and ‘whaling’ campaigns can be more difficult to detect. It’s increasingly important for executives and high-profile employees to be prepared. Users should assume links and attachments are guilty until proven innocent; verify the sender’s intent before trusting their data.”

http://www.tripwire.com/company/research/tripwire-black-hat-2016-survey-ransomware-phishing/

You must login or register in order to post a comment.

User experience. You’ve probably heard this term used in reference to some of your favorite apps and devices like Facebook or Twitter, but what does “user experience” have to do with physical security?

In today's tumultuous global climate, where corporations span countries and employee travel is essential to doing business, crises are inevitable. This is why corporate security teams must always be ready for the unexpected and have procedures and plans in place to respond quickly and efficiently. A lag in crisis response or an ineffective response can cost money, resources, and even lives.

Security Magazine

2019 June

Our June issue cover article features “Security Leadership: Women in the Spotlight”.

Also in June, video is becoming a fundamental component of a quality security plan. How can CPTED strategies lead to better physical enterprise security? And discover How David Espie, Director of Security, secures Mayland's Seaports.

View More Subscribe

Security Pros Lack Confidence in Ransomware Recovery

Related Articles

Related Products

Related Events

Report Abusive Comment