The threat of being hit with a ransoware attack has the vast majority of companies scared to death that they are next on some cybercriminals hit list, but despite this high level of angst, most have little faith in their back up systems to help restore their files and have even less confidence in their security systems to defend their data.
The key indicator from the KnowBe4 2016 Ransomware Threat Concerns survey indicating that the fear level surrounding ransomware is rising was that 79 percent, up from 73 percent in 2014, of the firms questions said they are now extremely concerned over the issue. And they have a good reason to be so worried. Only 40 percent said they would rely on their backed up files to solve the situation, just 19 percent believe their current security solution is very effective and 28 percent do not have confidence in the effectiveness of their spam filtering systems.
“It would appear backup is not as easy as it could or should be,” Stu Sjouwerman, founder and CEO of KnowBe4 to SCMagazine.com, said in an email.
The survey of 1,138 companies found 38 percent of the companies surveyed were hit with a ransomware attack in 2016, up from 20 percent in 2014 with companies having between 500-1,000 employees being singled out for even more attacks with 51 percent of these admitting to have been struck. Larger firms were impacted somewhat less with 41 percent reporting an attack and only 35 percent of firms with 250 or fewer employees being hit.
However, the greatest surprise to KnowBe4 was the disparity by industry, Sjouwerman said. Manufacturing was found to have been hit the hardest at 54 percent, compared with 44 percent in healthcare, education at 35 percent, tech at 29% and banking at 28%.
When it comes to stopping ransomware attacks the survey found 89 percent consider security awareness training for their employees to be the most effective defensive measure with 83 percent saying backing up files is the best protection. These figures basically did not change from what was found in 2014, the report stated.
Sjouwerman also pointed out a few of the positive takeaways from the study. “Awareness that email is the primary vector - increasing from 47 percent to 61 percent, along with the knowledge that a good security awareness program really does help and can be an effective measure.”
These figures were derived by comparing the results from a study KnowBe4 conducted this year and compared to an earlier survey held in June 2014.