Fortinet, a Sunnyvale, California-based cybersecurity company, has unveiled its 2021 Global State of Ransomware Report, revealing that most organizations are more concerned about ransomware than other cyberthreats.
“According to a recent FortiGuard Labs Global Threat Landscape report, ransomware grew 1070% year over year,” said CMO John Maddison. “Unsurprisingly, organizations cited the evolving threat landscape as one of the top challenges in preventing ransomware attacks. As evidenced by our ransomware survey, there is a huge opportunity for the adoption of technology solutions like segmentation, SD-WAN, ZTNA, as well as SEG and EDR, to help protect against the threat of ransomware and the methods of access most commonly reported by respondents.”
However, while the majority of surveyed organizations indicated they are prepared for a ransomware attack, including employee cyber training, risk assessment plans, and cybersecurity insurance, there was a clear gap in perceptions of what constitutes adequate defense. Nonetheless, Secure Web Gateway, VPN and Network Access Control ranked among the top choices. Most concerning was the low importance of segmentation (31%), a critical technology solution that prevents intruders from moving laterally across the network to access critical data and IP. Likewise, UEBA and sandboxing play a critical role in identifying intrusions and new malware strains, yet both were lower on the list. Another surprise was secure email gateway at 33%, given phishing was reported as a common entry method of attackers.
The top concern of organizations regarding a ransomware attack was the risk of losing data, with the loss of productivity and the interruption of operations following closely behind. In addition, 84% of organizations reported having an incident response plan, and cybersecurity insurance was a part of 57% of those plans. Forty-nine percent of the respondents said their standard procedure is to pay the ransom outright, and for another 25%, it depends on how expensive the ransom is. Of the one-quarter who paid ransom, most, but not all, got their data back.
The report is based on a global survey of IT decision-makers conducted in August 2021 with 455 business leaders from small as well as mid to large-sized organizations worldwide.
The high number of attacks demonstrates the urgency for channel partners to help their customers adopt the necessary defenses.