Gigamon, the deep observability company, has launched its State of Ransomware 2022 and Beyond report, which has stated that 59% of respondents globally claimed the ransomware crisis has worsened in 2022, while 95% experienced ransomware attacks in the past year.
Further, almost one third of organisations have suffered ransomware attacks enabled by a malicious insider. This threat is nearly as common as the an attack enabled by an accidental insider (35%).
According to the global survey of IT and security leaders across the US, EMEA and APAC, 59% of organisations believe ransomware has worsened in the last three months, with phishing (58%), malware/computer viruses (56%) and cloud applications (42%) cited as other common threat vectors.
As the ransomware crisis worsens, threat actors like Lapsus$ group are now well-known for preying on disgruntled employees in order to gain access to a corporate network, Gigamon noted. The survey found that of those who are seeing insider threats as a cause for increasing ransomware attacks, 95% (and 99% of CISOs/CIOs) view the malicious insider as a significant risk. Fortunately, 66% of these respondents now have a strategy for both types of insider threat, particularly in the case of Singapore (80%), Australia (73%) and the US (67%).
However, greater observability is needed; many do not yet have visibility to distinguish which type of insider threat is endangering their business.
The survey report also found 88% of global respondents believe there is ‘blame culture’ in the cybersecurity industry, with 37% in Singapore seeing this tendency to point the finger when breaches occur as heavily prevalent. Worryingly, 94% of those who recognise blame culture told Gigamon that it could also be a deterrent to the speed of reporting an incident – at least somewhat, depending on the scale of the incident.
To overcome this issue, 42% of organisations called for more transparency, as well as industry-wide collaboration (29%) and providing CIOs/CISOs with ‘deep observability’ (22%). In fact, over a quarter (26%) of CIOs/CISOs are calling for the latter to help overcome the blame culture.
Gigamon explained that deep observability is a relatively concept that can be defined as real-time network level intelligence that amplifies power metric, event, log and trace-based monitoring tools. As well as being a solution called for by CIOs/CISOs to tackle the blame culture, deep observability (66%) was cited on par with Zero Trust (66%) as key to tackling the malicious insider threat.
However, since the 2020 Gigamon survey report, awareness of Zero Trust’s complexities has grown, meaning many now lack confidence in its implementation. Today, 44% of EMEA respondents believe that Zero Trust requires too much oversight and resource. Two years ago, this number was only 23%. Deep observability, on the other hand, is being recognised as central to cybersecurity, not only for ransomware protection, but even more so for protecting the cloud (89% of global respondents agree) and ensuring safe cloud migration (82% of global respondents agree).
“Deep observability is being acknowledged by security teams around the world as crucial to a successful ‘defense-in-depth’ posture. In fact, we’ve learned that 78% of organisations are seeing deep observability being discussed by the board for better network to cloud security,” commented Ian Farquhar, Field CTO (Global) and Director of the Security Architecture Team at Gigamon.
“This holistic visibility is essential to support Infosecurity professionals as they battle a number of challenges, including cloud misconfiguration and the rise in malicious insider threats, as well as a culture of finger pointing and blame when things go wrong.”
Additional report highlights include:
- Ransomware is a board priority. Nearly nine in 10 (89%) of global boardrooms see this threat as a priority concern, a number that rises in the UK (93%), Australia (94%) and Singapore (94%). When asked how this cyber threat is viewed, the leading perception across all regions was that it is a ‘reputational issue’ (33%).
- Cyber insurance worsens the ransomware crisis. Almost six in 10 (57%) of those surveyed agreed that the cyber insurance market is exacerbating the ransomware crisis. In APAC, where cyber insurance is most commonly used, this concern is felt by 66% of Australian respondents and 68% of those in Singapore.
Explore
No comments:
Post a Comment