“How prepared are we for a ransomware attack?”
This question continues to be a focal point of C-level and board conversations. The impact of ransomware events can disrupt business operations and the delivery of goods and services and have monumental financial implications. Some recent and disturbing data points include:
- The average mean time between a ransomware attack and business interruption was 23 days in 2021
- Analysis of the Irish healthcare ransomware event concluded significant recovery, restoration, and improvement expenses totaling over $100M
- A massive cyberattack in May 2021 cost Scripps Health $112.7 million through the end of June
Our latest 2022 research study: State of Ransomware Preparedness, provides real-world data to assess how organizations are doing in fighting the cybersecurity scourge of our generation and hopefully prevent such consequential losses in the event they are breached.
Our research study was written by Axio President and Co-Founder David White and Axio Senior Cybersecurity Adviser Richard Caralli. The entire data set in the report comes from actual users of the Axio360 platform performing a ransomware preparedness assessment. The assessment is based on hundreds of real ransomware events, US Department of Homeland Security guidance, and our own research. The tool lets you assess your ransomware posture across 65 core cybersecurity practices in 8 domains.
Robust ransomware preparation is what enables the best cybersecurity protection and response for business continuity and public safety. The Axio360 ransomware preparedness tool continues to be used at over 100 critical infrastructure organizations to benchmark their readiness and is an important starting point for improving ransomware posture.
Our research findings show many organizations have still not gotten the fundamentals right— and are not practicing basic cyber hygiene. This is concerning as attackers are very prepared adversaries, eager to exploit these weaknesses and ready to strike with great tools at their disposal.
“The practices and controls that seemingly are the easiest to do in an organization are still the things that organizations struggle with the most—whether it is ensuring critical vulnerabilities are patched within 24 hours or ensuring continuous security of high-value privileged accounts. Only 24% of organizations report to be patching systems within a day-a scary figure considering the continued digitization of the modern company,” says Caralli.
In the report, we identified seven key areas where organizations are deficient in implementing and sustaining basic cybersecurity practices.
Those seven key areas are:
- Managing privileged access
- Improving basic cyber hygiene
- Reducing exposure to supply chain and third-party risk
- Monitoring and defending networks
- Managing ransomware incidents
- Identifying and addressing vulnerabilities in a timely manner
- Improving cybersecurity training and awareness
Not all of our findings were concerning. We had some good news to share. For example, we found 89% of respondents had restricted unnecessary ports, protocols, services, and software, and that 86% of respondents had taken countermeasures against the delivery of malicious payloads from websites. Other positive cybersecurity measures include:
Anti-virus solutions incorporating behavioral analysis (practiced by 89% of respondents)
Controls over potentially vulnerable services such as remote desktop protocol (83%)
“While these statistics are encouraging,” Caralli notes, “the exponential growth of ransomware attacks demands that organizations consider these practices as requisite to their cybersecurity program, providing the foundation for improvement that will be needed to keep pace with ransomware innovation and velocity in the future.”
You can download the report to see all the results from our research, and we encourage you to request a demo of Axio360. Ransomware preparedness is just one of many assessments in the platform you can perform.