A Vanson Bourne survey report highlights that payment requirements for ransomware and extortion fees are increasing massively, while trust in previous-generation IT vendors has declined and organizations are actually becoming slower in detecting cyber security incidents.
“The survey presents a disturbing picture of the modern threat landscape, and demonstrates that rivals continue to exploit organizations around the world and overtake outdated technologies. Today’s threat environment costs businesses around the world millions of dollars and causes further falls,” he said. Michael Santonas, CTO at CrowdStrike.
“The evolving remote workplace undoubtedly highlights challenges for businesses because earlier-generation software like Microsoft is struggling to keep up with today’s accelerated digital world.”
“This presents a clear clarification call that businesses need to change the way they operate and more rigorously evaluate the vendors they work with,” Sentonas added. “The landscape of threats continues to evolve at a frightening rate and it is clear that modern organizations need a cloud-to-end holistic platform approach to tackle and correct threats quickly.”
Customers are losing trust in previous generation suppliers
Recent attacks such as Sunburst and Kaseya have once again brought supply chain attacks to the forefront, as 63% of respondents admitted that their organization loses confidence in previous-generation vendors, such as Microsoft, due to frequent security incidents against these previously reliable technology vendors.
The issue is so widespread that 77% of respondents suffered from a supply chain attack. It is clear that businesses seeking to increase their cyber resilience will need faster action and newer technologies.
- 45% of respondents have experienced at least one supply chain attack in the last 12 months.
- 64% of respondents can not claim that all their software vendors have been tested in the last 12 months.
- 84% of respondents fear that supply chain attacks will become one of the major cyber security threats in the next three years.
Ransomware remains an ongoing and very common threat
Survey data indicate that ransomware attacks continue to prove effective, with average ransom payments increasing by 62.7% in 2021 (from $ 1.1 million in 2020 to $ 1.79 million in 2021). Not only that, almost universal organizations are harmed by “double extortion”, where threatening players not only demand ransom to decipher data, they also threaten to leak or sell the data unless the victims pay more money.
Survey data show that 96% of organizations that paid a ransom had to pay additional extortion fees, which cost businesses an average of $ 792,493. Other notable findings include the following:
- 66% of respondents’ organizations have suffered at least one ransomware attack in the last 12 months.
- 57% of businesses did not have a comprehensive ransomware protection strategy.
- The average ransomware payment was $ 1.34 million in EMEA and $ 2.35 million in APAC and $ 1.55 million in the US.
- The average ransom payment rose 63% in 2021 to $ 1.79 million, compared to $ 1.10 million in 2020. The average ransom demand from the attackers is $ 6 million. While the attackers do not get exactly the amounts they are looking for, they still make huge payments. This is attributed to companies that understand both the threat and their exposure, and their ability to negotiate with attackers.
Organizations facing challenges in locating security incidents
Organizations are encouraged to strive to meet rule 1-10-60, where security teams demonstrate the ability to detect threats in the first minute of intrusion, investigate and understand the threat within 10 minutes, and contain and eradicate the threat within 60 minutes. . On the first sign of the day Digital world, Organizations continue to face massive challenges in locating security incidents, as evidenced by survey data.
- On average, respondents estimated it would take 146 hours to detect a cyber security incident, up from 117 hours in 2020.
- Once identified, it takes organizations 11 hours to check, investigate and understand a security incident and 16 hours to contain and repair one.
- 69% of respondents said their organization suffered an incident because of a team that worked remotely.