Ransomware Attacks Aren’t Slowing Anytime Soon

Veritas Technologies surveyed more than 2,000 global IT leaders whose organizations have undertaken pandemic-led digital transformation. It found most are severely vulnerable to ransomware attacks because they’ve been unable to keep pace with the accelerated digitization.

In fact, the average organization experienced nearly three ransomware attacks that led to downtime in the past 12 months. Furthermore, 10% were hit with ransomware more than five times.

Additional findings revealed:

• The cloud presents the biggest vulnerabilities to ransomware. Only 61% believe that their organizations’ security measures have fully kept pace with their digital transformation initiatives. The largest gaps are cloud technology (56%) and security (51%).
• The vulnerability lag has consequences, as organizations with at least one gap in their technology strategy have, on average, experienced around five times more ransomware attacks compared to those with no gaps.
• Digitization is outpacing security. Sixty-one percent believe their organization’s security measures have fully kept up since the implementation of COVID-led digital transformation initiatives, with 39% experiencing some form of security deficit.
• No organization is immune, with 88% of organizations reporting that they experienced downtime in the past 12 months.

Mike Walkey is senior vice president of global channel and alliances at Veritas.

“Organizations will need to distribute their efforts wisely if they are to effectively address all of the areas that are lagging and, perhaps, this is why decision makers anticipate this process taking so long,” he said. “More worrying, 42% think that it will take more than two years before they will be able to resolve these gaps. To shorten the time needed to protect their infrastructure, organizations would need to spend an average of $2.47 million to close the gaps in their technology strategy within the next 12 months. On average, respondents think that their organization would need to hire 27 full-time IT employees to close the gaps in their technology strategy within the same time frame. Given the global skills shortage, it’s unlikely that every company is going to be able to acquire the talent needed to rise to this challenge.”

Other cybersecurity strategy gaps include compliance and regulatory (44%), skills (44%), resiliency/recovery (40%) and budgetary (38).

“To protect themselves from data threats, organizations’ production and protection environments have to evolve in parallel,” Walkey said. “This means that as each new solution is introduced into the organization’s technology stack, protection capabilities need to be extended to cover it in a timely manner.”

Good data protection strategies are predicated on a thorough understanding of the value and location of the data that needs to be protected, he said. Therefore, before cloud data sets can be properly protected from threats like ransomware, IT teams need to know exactly what data has been sent to which cloud services.