Ransomware preparedness: What are you doing wrong?
Axio released its 2022 State of Ransomware Preparedness research report, revealing that although notable improvements have been made since Axio’s 2021 report, organizational ransomware preparedness continues to be insufficient to keep pace with new attack vectors.
The report reveals that the lack of fundamental cybersecurity practices and controls, including critical vulnerability patching and employee cybersecurity training, continues to undermine organizational attempts to improve ransomware defenses.
“Ransomware continues to wreak havoc on global organizations, regardless of size or industry,” remarked the report’s co-author David White, President of Axio.
“As the number of attacks will most likely continue on an exponential trajectory, it’s more important than ever for companies to re-evaluate their cybersecurity practices and make the needed improvements to help combat these attacks.”
What’s hampering organizational ransomware preparedness?
The report identifies several emerging patterns that yield insights into why organizations are increasingly susceptible to ransomware attacks. In 2021, seven key areas where organizations were deficient in implementing and sustaining basic cybersecurity practices were identified, and these patterns dominated the 2022 study results as well:
- Managing privileged access
- Improving basic cyber hygiene
- Reducing exposure to supply chain and third-party risk
- Monitoring and defending networks
- Managing ransomware incidents
- Identifying and addressing vulnerabilities in a timely manner
- Improving cybersecurity training and awareness
Overall, most organizations surveyed are not adequately prepared to manage the risk associated with a ransomware attack. Key data findings include:
- The number of organizations with a functional privileged access management solution in place increased by 10% but remains low at 33% overall.
- Limitations on the use of service and local administrator accounts remain average overall, with nearly 50% of organizations reporting implementing these practices.
- Approximately 40% of organizations monitor third-party network access, evaluate third-party cybersecurity posture, and limit the use of third-party software.
- Less than 50% of respondents implement basic network segmentation and only 40% monitor for anomalous connections.
- Critical vulnerability patching within 24 hours was reported by only 24% of organizations.
- A ransomware-specific playbook for incident management is in place for only 30% of organizations.
- Active phishing training has improved but is still not practiced by 40% of organizations.