Over-reliance on endpoint protection puts organisations at ransomware risk

Findings from the Gigamon research show that just 6 percent of global IT leaders know where all their network blind spots are.

Gigamon has published new findings from its Ransomware Defence research, commissioned and conducted by Gartner Peer Insights. The survey of global IT and InfoSec leaders across North America, APAC and EMEA found that 96 percent of InfoSec professionals consider endpoint detection and response (EDR) to be the most important tool in their arsenal against ransomware. Yet only 4 percent of global respondents are very confident they are prepared for an attack, and many anticipate major business disruption as a result.

Last year, more than two-thirds (69 percent) of organisations were victimised by ransomware and most IT and security professionals are now concerned about how this type of cybercrime may affect their professional careers. As businesses look to counter ransomware threats, findings from the survey identified that while the vast majority of respondents view EDR as integral, only 3 percent are very comfortable with the risk of unmanaged devices on their networks. As such, IT professionals are anticipating a ransomware attack on their organisation within the next 12-months – with EMEA respondents the most concerned with 75 percent seeing an attack as likely or very likely, followed by 56 percent in North America and 52 percent in APAC.

The research also revealed that network visibility is considered foundational to a holistic ransomware defence strategy. 83 percent of global cybersecurity professionals agreed that visibility into lateral threat movement is critical to rapid ransomware detection and response. However, only 60 percent of respondents say they know where most or all of their network blind spots are. EMEA organisations are again the least confident in their security positioning, with only 50 percent aware of all or most of their blind spots, compared to 61 percent in APAC and 64 percent in North America.

Ian Farquhar, Field CTO (Global) and director of the worldwide security architecture team, comments on the findings, “A dependence on endpoint protection will leave organizations exposed to ransomware. BYOD strategies and the IoT are growing, and these networks will not be well protected if an organisation prioritises EDR. Instead, SecOps teams need defence in depth through deep observability - i.e., harnessing actionable network-level intelligence to amplify the power of telemetry. Even if you know where most of your blind spots are, as 60 percent claim, this simply isn’t sufficient. It only takes a single blind spot to compromise your security, and only one threat actor to penetrate your network.”

Additional key findings from the research include:

Significant business disruption is anticipated; 53 percent of global respondents estimate their business would be disrupted for a day or more if impacted by a successful ransomware attack

Most IT leaders worry about the impact ransomware has on their professional careers; 85 percent agree or strongly agree that they are worried they will face professional ramifications if their business were to be disrupted due to ransomware

Respondents in APAC are more likely to outsource their threat hunting entirely; over a third of APAC respondents (36 percent) say outsourcing is their only method of threat hunting, compared to nearly two-thirds of respondents in North America and EMEA (65 percent) who use a combination of in-house and outsourced resources.

A new report from the Capgemini Research Institute finds that 51% of industrial organizations believe that the number of cyberattacks on smart factories is likely to increase over the next 12 months. Yet nearly half (47%) of manufacturers say cybersecurity in their smart factories is not a C-level concern. According to the Capgemini report, ‘Smart & Secure: Why smart factories need to prioritize cybersecurity’, few manufacturers have mature practices across the critical pillars of cybersecurity. The connected nature of smart factories is exponentially increasing the risks of attacks in the Intelligent Industry era.
New research reveals majority of large businesses can’t replace unsupported hardware, leaving potential vulnerabilities exposed.
With an unprecedented number of employees now working in hybrid or fully remote environments, compounded by an increase in cyber threats and a more overwhelmed, COVID-19 information fatigued workforce, there has never been a more critical time to effectively create and maintain a cyber-secure workforce and an engaged security culture.
Arcserve has published the first in a series of findings of its annual independent global research study on current experiences and attitudes of IT decision-makers (ITDMs) around data protection and recovery. Key findings from the research show that ransomware attacks continue to impact organisations worldwide with high costs, but they are still largely unprepared. With 50% of respondents targeted with ransomware attacks, the research indicates the critical need for companies to take a new approach to data resilience that fortifies disaster recovery strategies, backup systems, and immutable storage solutions to prevent the loss of mission-critical data.
A survey of WAN managers has revealed that multi-factor authentication and single sign-on are the top zero trust features implemented.
New research shows Log4Shell detections tripled, PowerShell scripts heavily influenced a surge in endpoint attacks, the Emotet botnet came back in a big way and malicious cryptomining activity increased.
Enterprise security solution underpinned by Versa SASE.
Hibernian FC is delighted to announce an innovative multi-year partnership with Acronis, the global leader in cyber protection, and Dunedin IT, one of Scotland's most trusted and experienced technology and connectivity providers providing end-to-end services.