Organizations are not equipped to defend against ransomware due to deficiencies in implementing and sustaining basic cybersecurity practices, including managing privileged administrator credentials and ensuring visibility of supply chain risk, an Axio reserach report reveals.
“Ransomware is everywhere, dominating headlines, corporate board meetings and even the Biden administration’s agenda,” remarked the report’s co-author David White, President of Axio.
“And with high-visibility attacks continuing to unfold, companies more than ever require ransomware readiness measures in place to protect against a cyber catastrophe. As we learned from the much-publicized SolarWinds attack—which raised a collective consciousness to the use of routine software updates to deliver ransomware—the evolution of attacks can include ransomware-as-a-service, targeting critical infrastructure networks where they can cause the most disruption and economic damage.”
Seven key areas of basic cybersecurity practices deficiency
The report identifies several emerging patterns that yield insights into why organizations are increasingly susceptible to ransomware attacks. The data pinpoints seven key areas where organizations are deficient in implementing and sustaining basic cybersecurity practices:
- Management of privileged access
- Basic cyber hygiene
- Exposure to supply chain risk
- Network monitoring
- Incident management
- Vulnerability management
- Training and awareness
Most organizations unprepared to tackle ransomware attack risks
Overall, most organizations surveyed are not adequately prepared to manage the risk associated with a ransomware attack. Key data findings include:
- Nearly 80% of organizations responded that they have not implemented or have only partially implemented a privileged access management solution.
- Only 36% of respondents indicated that they audit the use of service accounts, a type of privileged account, on a regular basis.
- Only 26% of respondents deny the use of command-line scripting tools (such as PowerShell) by default.
- 69% of organizations indicated that they do not limit access to the internet for their Windows domain controller hosts.
- Only 29% of respondents evaluate the cybersecurity posture of external parties prior to allowing them access to the organization’s network.
- Only 50% of respondents conduct user awareness training for employees on email and web-based threats, such as spear-phishing and watering hole attacks, on an annual basis.
“Companies need to take a proactive approach to ransomware by evaluating and identifying gaps in their cybersecurity posture. Our research clearly illustrates that some improvements in ransomware defense may be directly attainable by re-committing to improving basic cyber hygiene.”