On the surface, ransomware attacks seem sophisticated and complex. Seemingly out of nowhere, criminals gain access to a company’s or institution’s data or systems, locking the rightful owners out unless and until they pay a hefty price. Due to their random and devastating nature, it is easy for security teams to adopt a fatalistic attitude about ransomware attacks, mistakenly believing that they can do little or nothing to avoid them.
In its 2021 State of Ransomware Preparedness report, Axio revealed the fallacy of this line of thinking. As it turns out, many organizations have severe flaws in the underlying foundations of their security practices that make them more vulnerable to ransomware attacks.
Specifically, there are seven key areas where organizations are falling short when it comes to security policies and practices:
• Basic cybersecurity hygiene
• Managing who has access to administrative privileges
• Supply chain risk assessment
• Security incident management
• Network monitoring
• Vulnerability management
• Training and security awareness.
The vast majority of the organizations surveyed are ill-prepared for a ransomware attack. For instance, the data indicates the following:
• Almost 80 percent of them have either not implemented or only partially put in place a privileged access management strategy;
• Only 36 percent of the surveyed organizations audit the use of service accounts
• Only 26 percent deny the use of command-line scripting tools by default
• Only 31 percent limit internet access to their Windows domain controller hosts
• Only 29 percent conduct thorough evaluations of third-party vendors’ security postures before allowing them access to their data and systems
• Only half of those surveyed conduct yearly training regarding email and web-based security threats.
While ransomware and other cybercrimes seem to be a permanent fixture on the threat landscape, enacting preventive measures to bolster these cybersecurity foundations can minimize organizational risk.