Most businesses feel they can't fully prevent ransomware attacks
Only 45 percent of respondents to a recent survey believe it is currently possible to prevent all malware threats from infiltrating their organization's network.
The survey from Deep Instinct does show some longer term optimism though. 66 percent of respondents believe it may be possible to prevent all malware threats from infiltrating their organization's network in the next two to five years.
Part of the problem is the time taken to deal with incidents. The study shows that it currently takes SecOps teams the better part of 24 hours to respond to a typical cyber event once it has been detected. Remediation then often takes several additional days -- and sometimes weeks or months. According to 35 percent a lack of qualified SecOps staff causes challenges for incident response.
"People just don't have the staff in place to actually implement prevention measures," says Brooks Wallace, VP EMEA at Deep Instinct. "The volume of endpoints has increased so much, because of working from home or a hybrid model on the back of COVID, that they don't know what their status is, and therefore they don't have protection on the endpoints that are coming in and going on their network. That presents a very big risk in terms of understanding what agents they have deployed from what devices and who owns those devices."
Only five percent of respondents say the have no security concerns about a hybrid workforce. Clearly, nearly all of those surveyed see security gaps that should be addressed.
"Employees are now in the field more than they ever have been before," adds Brooks. "Even if you have good endpoint protection on your device, if it's a reactive technology and not preventive, then if you're at home and working and your children have somehow compromised your home network, you have a problem that you may take back and be the carrier that lets a virus in your organization. That's really where the threat is, not knowing who has what devices."
The continued move by organizations to enable greater collaboration between users, partners, suppliers and customers by enabling third-party access to upload documents and files to the cloud, has raised concerns too. 68 percent of respondents to the study have some concern with regard to the unwitting upload of malicious files. Though CISO's are five percent less likely than their staff to be very concerned about this issue.
Among other worries raised by the report is hidden persistence, whereby threat actors discreetly maintain long-term access to systems despite disruptions such as restarts or changed credentials. This is the most feared tactic for 40 percent of respondents as it can used to launch large-scale attacks.
The full report is available from the Deep Instinct site.
Photo credit: Ton Snoei / Shutterstock