Security teams know the key to catching and stopping attacks early is to understand how their adversaries think. But many are behind the curve, according to a survey (conducted by CyberRisk Alliance and sponsored by PlexTrac) among 315 security influencers and decision makers in the U.S. and Canada.
When it comes to stopping ransomware attacks in particular:
- More than half (57%) believe it’s important for their organization to understand adversarial behavior in defending against ransomware or advanced attacks. However:
- Only 46% have conducted some type of adversarial attack simulation/emulation exercise, and
- Only 30% say they are adept at understanding adversarial behavior.
This report covers the survey results and offers guidance, specifically — how often security teams should perform red-, blue- and purple-team exercises and what such exercises should entail.