Ransomware attacks show no sign of slowing, according to a new research report, “2022 Impacts: Ransomware attacks and preparedness,” published today by Mountain View-based Menlo Security. A recent survey found that a third of organizations experience a ransomware attack at least once a week, with one in 10 experiencing them more than once a day.
This translates to security professionals coming under increasing pressure as organizations face an unprecedented number of highly sophisticated threats.When asked what keeps them awake at night, 41% of respondents say they worry about ransomware attacks evolving beyond their team’s knowledge and skillset, while 39% worry about them evolving beyond their company’s security capabilities.
Their biggest concern, however, is the risk of employees ignoring corporate security advice and clicking on links or attachments containing malware (46%). Respondents worry more about this than they do their own job security, with just a quarter (26%) of respondents worried about losing their job.
According to the report, around half of organizations (61% US and 44% UK) have been the victim of a successful ransomware attack in the last 18 months, with customers and prospects the most likely entry point for an attack. Partners/suppliers and employees/contractors are also seen as serious security risks, although one in 10 admit they are unable to identify how the attacks got in. The top three ransomware attack vectors are email (54%), web browsers via a desktop or laptop (49%) and mobile devices (39%).
“Security professionals are coming under increasing pressure as organizations face an unprecedented number of highly sophisticated threats like ransomware,” comments Mark Guntrip, senior director of Cybersecurity Strategy at Menlo Security. “On the frontline of cyber defense, they are often coping with huge amounts of stress, worrying about what employees are doing, their team and whether they are getting the right support internally, so it’s no surprise they are prioritizing the business over job security. Indeed, the burnout and high churn rate of CISOs is widely reported.”
Commissioned by Menlo Security, the research was conducted by SAPIO Research in June 2022 using an email invitation and online survey. The company commissioned a survey of 505 IT Security Decision Makers working within organizations with 1,000+ employees across the US and UK.
The report quantifies how and why many security professionals are feeling burned out.