Ransomware is the top concern for 85% of organizations, revealed Fortinet. Fortinet has released the Global State of Ransomware Report 2021. According to the survey, most companies are more concerned about ransomware than other cyberthreats. While the majority of organizations surveyed indicated that they are prepared for a ransomware attack, including employee cyber training, risk assessment plans, and cybersecurity insurance, there was a clear gap between what many respondents viewed as essential technology solutions for protection and the technology that can best guard against the most commonly reported methods of gaining access to their networks.
John Maddison, EVP of Products and CMO at Fortinet
“According to a recent FortiGuard Labs Global Threat Landscape report, ransomware grew 1070% year over year. Unsurprisingly, organizations cited the evolving threat landscape as one of the top challenges in preventing ransomware attacks. As evidenced by our ransomware survey, there is a huge opportunity to adopt technology solutions like segmentation, SD-WAN, ZTNA, and SEG and EDR to help protect against the threat of ransomware and the methods of access most commonly reported by respondents. The high number of attacks demonstrates organizations’ urgency to ensure their security addresses the latest ransomware attack techniques across networks, endpoints, and clouds. The good news is that organizations are recognizing the value of a platform approach to ransomware defense.”
According to the technologies deemed critical, organizations were most concerned about remote workers and devices, with Secure Web Gateway, VPN, and Network Access Control among the top picks. While ZTNA is still in its early stages, it should be considered a viable alternative to existing VPN technology. The most worrying finding was the low importance of segmentation (31 percent), a vital technical solution that prevents intruders from traveling laterally across the network to access critical data and IP. Similarly, UEBA and sandboxing are important for detecting intrusions and emerging malware strains, but they were ranked lower on the list. Another surprise was secure email gateway at 33%, given phishing was reported as a common entry method of attackers.
The risk of losing data was the top fear of businesses when faced with a ransomware assault, followed by the loss of productivity and the disruption of operations. Furthermore, 84 percent of businesses said they have an incident response strategy, with cybersecurity insurance making up 57 percent of those plans. When it comes to paying a ransom in the event of an attack, 49 percent of respondents said they would pay the ransom in full, while another 25% said it would depend on how much the ransom costs. Most, but not all, of the one-quarter of those who paid the ransom received their data back.
While ransomware worries were fairly uniform across the board, there were significant geographical disparities. EMEA (95%), Latin America (98%), and APJ (Asia-Pacific/Japan) (98%) respondents were just marginally more apprehensive about ransomware attacks than their North American counterparts (92 percent ). Data loss is the main risk linked with a ransomware assault in all areas, as is the fear of being unable to keep up with an increasingly sophisticated threat landscape. APJ, on the other hand, cites a lack of user knowledge and training as their primary worry. In comparison to 59 percent in North America and 58 percent in EMEA, respondents in APJ and Latin America were more likely to have been victims of a ransomware assault in the past (78 percent). Phishing lures were a common attack vector across the board, whereas in APJ and LatAm, remote desktop protocol (RDP) exploits and open unprotected ports were the most common attack vectors.
Almost all respondents believe that actionable threat intelligence combined with integrated security solutions or a platform is essential for stopping ransomware attacks and that AI-driven behavioral detection capabilities are valuable.
While almost all respondents said they are moderately prepared and plan to invest in employee cyber awareness training, the survey shows that organizations must recognize the value of investing in advanced email security, segmentation, and sandboxing, in addition to the traditional NGFW, SWG, and EDR, to detect, prevent, and limit ransomware. Given today’s ransomware methods and strategies, businesses must explore and analyze these solutions in order to reduce risk. The most advanced enterprises will use a platform-based security solution for ransomware prevention that includes core capabilities that are completely integrated with actionable threat intelligence. To effectively detect and respond to ransomware threats, they must be built to work together as a unified system and augmented by AI and machine learning.