Organizations are not equipped to defend against ransomware due to deficiencies in implementing and maintaining basic cybersecurity practices, including management of privileged administrator credentials and visibility of risks related to the supply chain, reveals an Axio research report.
“Ransomware is everywhere, dominating headlines, board meetings and even the Biden administration’s agenda,” noted the report’s co-author. David Blanc, Chairman of Axio.
“And with high visibility attacks continuing to unfold, businesses need ransomware preparedness more than ever before to protect against a cyber disaster. As we learned from the high-profile SolarWinds attack, which raised collective awareness about using routine software updates to deliver ransomware, the evolution of attacks can include ransomware as a service, targeting critical infrastructure networks where they can cause the most economic disruption and damage.
Seven key areas of cybersecurity business practice deficiency
The report identifies several emerging models that provide insight into why organizations are increasingly susceptible to ransomware attacks. The data identifies seven key areas where organizations fail to implement and maintain core cybersecurity practices:
- Privileged access management
- Basic cyber hygiene
- Supply chain risk exposure
- Network monitoring
- Incident management
- Vulnerability management
- Training and awareness
Most organizations are unprepared for the risks of a ransomware attack
Overall, most of the organizations surveyed are not sufficiently prepared to manage the risk associated with a ransomware attack. Key findings from the data include:
- Almost 80% of organizations responded that they had not implemented or had only partially implemented a privileged access management solution.
- Only 36% of respondents indicated that they regularly audit the use of service accounts, a type of privileged account.
- Only 26% of respondents deny the use of command line scripting tools (such as PowerShell) by default.
- 69% of organizations indicated that they do not restrict Internet access for their Windows domain controller hosts.
- Only 29% of respondents assess the cybersecurity posture of external parties before allowing them access to the organization’s network.
- Only 50% of respondents conduct user awareness training each year on email and web threats, such as spear phishing and water point attacks.
“As ransomware techniques continue to become more sophisticated and readily available, the threat to organizations, regardless of their size or industry, is increasing,” said Scott kannry, CEO of Axio.
“Organizations need to take a proactive approach to ransomware by assessing and identifying gaps in their cybersecurity posture. Our research clearly shows that some ransomware defense improvements may be directly achievable by re-committing to improving basic cybersecurity hygiene.