New research from Adarma, the UK’s largest independent cyber threat management company, has discovered a major disconnect in the way organisations think and act in the face of ransomware. Adarma’s nationwide ransomware study surveyed 500 C-level executives at UK businesses with over 2,000 employees and found that 58% of respondents have experienced a ransomware attack, with 94% of respondents reporting to be either concerned or very concerned about being hit by ransomware. However, the research also showed that 95% of business leaders were still confident in their ability to respond effectively to a ransomware attack, despite 22% not having an incident response plan in place.
According to Adarma’s research of those businesses that reported to have suffered a ransomware attack in the past, more than two-thirds admitted that they had paid the attackers the ransom, a figure which rose to 100% for businesses with less than a one million pound turn over.
While these business leaders were confident in their companies defences, only 22% had an organisation with a cyber incident response plan put in place in case of an attack. A fifth of organisations that did have a plan did not have a third party or departments outside of the IT and Security Operations teams involved, which is a key component of a strong incident response plan.
When asked about whom accountability of an attack falls on, 48% of business leaders said that they would blame the IT Security team if they were to be hit by a ransomware attack, while only 33% said that they would blame the CEO or board. Additionally, 19% of the survey’s respondents said that they felt that the individual who clicked on a phishing link would be accountable for a ransomware attack.
John Maynard, chief executive officer at Adarma said, “ransomware is at epidemic levels and there is a disconnect between organisations’ confidence in their levels of preparedness in the face of an attack and what we are seeing on the ground. With almost 60% of UK businesses with more than 2,000 employees having experienced a ransomware attack, it is critical that we elevate this risk within our own organisations.”
Maynard, continued to say, “there are a number of steps that organisations can take to reduce their risk of business impact from ransomware attacks from preventive measures and effective preparation through to detection, disruption, eradication, containment and response.  It is critical that we reduce the attack surface, harden our systems, deploy preventive and detective controls, and implement a well thought out incident response plan that extends beyond just the technical requirements.  Organisations should be regularly simulating an attack to test the effectiveness of their organisational defences and response plans and adapting and improving before being faced with the real thing.”
The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY
Follow Us
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
This site uses functional cookies and external scripts to improve your experience.
Privacy settings
Privacy Settings / PENDING
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.
NOTE: These settings will only apply to the browser and device you are currently using.
GDPR Compliance

source

You May Also Like

UK announces digital identity security legislation

The UK government has announced plans to introduce new legislation, aiming to…

Ukrainian machines hit with another Malware variant

Security researchers have discovered the fourth destructive malware variant targeting Ukrainian machines…