Security News > 2021 > December > Ransomware and terrorism: For security pros the threat is equal
Venafi announced the findings of a global survey of more than 1,500 IT security decision makers that reveals that 60% of security professionals believe ransomware threats should be prioritized at the same level as terrorism.
37% of respondents would pay the ransom but 57% would reverse that decision if they had to publicly report the payment, as required by the Ransomware Disclosure Act, a U.S. Senate bill that would require companies to report ransomware payments within 48 hours.
Despite the rising number of ransomware attacks, 77% say they are confident the tools they have in place will protect them from ransomware attacks.
"The fact that most IT security professionals consider terrorism and ransomware to be comparable threats tells you everything you need to know; these attacks are indiscriminate, debilitating and embarrassing," said Kevin Bocek, VP ecosystem and threat intelligence at Venafi.
"Unfortunately, our research shows that while most organizations are extremely concerned about ransomware, they also have a false sense of security about their ability to prevent these devastating attacks. Too many organizations say they rely on traditional security controls like VPNs and vulnerability scanning instead of modern security controls, like code signing, that are built-in to security and development processes."
The study shows that most organizations are not using security controls that break the ransomware kill chain early in the attack cycle.
News URL
https://www.helpnetsecurity.com/2021/12/30/ransomware-threats-prioritized/
Related news
- Obsidian Security Warns of Rising SaaS Threats to Enterprises (source)
- Volkswagen monitoring data dump threat from 8Base ransomware crew (source)
- Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof? (source)
- AWS security essentials for managing compliance, data protection, and threat detection (source)
- Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority (source)