Survey says companies unprepared for ransomware, phishing attacks
Only 38 percent expressed confidence in their organization’s ability to fully recover without losing critical data.
Tripwire released the results of a survey that was conducted earlier this month at the RSA Conference that asked 200 security pros how prepared their company is to face various cybercrimes and, for the most part, the answers were pessimistic.
When it came to recovering from a ransomware attack, only 38 percent expressed confidence in their organization's ability to fully recover without losing critical data. Another 49 percent were somewhat confident and 13 percent were not at all confident that the company could escape unscathed.
One way to boost confidence, the survey said, is for companies to be better prepared for the eventuality of an attack.
“The decision to pay a ransom comes down to the confidence and financial cost of recreating or restoring data from a previous backup,” Travis Smith, senior security researcher for Tripwire, said in an email to SCMagazine.com. "Since most ransomware samples we have seen have a time limit to pay, it's important to have confidence you can restore the majority of data on short notice. Organizations should focus on improving backup and restoration procedures to reduce the cost of restoring data and services after a potential breach.
Tripwire found a large increase in the number of spear phising attacks that have taken place during the last 12 months with 58 percent of those surveyed seeing an increase in such attacks. The growth of this particular cybercrime could prove problematic for security teams because just 48 percent of those participating in the survey said they were confident the executives leading their organization could spot a phishing scam.