Search

Most Business Executives Would Be Willing To Pay Cyber Ransoms: New Survey - Forbes

sinayamars.blogspot.com

A day after the Biden administration announced new initiatives to combat ransomware attacks, a poll released today found that 78% of C-suite executives would be willing to pay a cyber ransom; 56% said they would be willing to pay over $100,000 in order to resume business operations.

The international survey of 1,400 senior IT decision-makers and business executives in the U.S., U.K. and Canada was commissioned by security company Arctic Wolf and conducted in August 2021. The result show a lack of faith and confidence that business leaders have in government — and their own staff — to protect them or even identify cyber threats.

Major survey findings include:

Lack Of Faith

  • Executives lack faith in the government's ability to protect them from cyber threats. Sixty percent of organizations believed that spending on new security tools and services is the most effective way of stopping attacks. 

Lack Of Confidence

  • Three-quarters (74%) of executives at companies that have adopted hybrid work believe their in-house IT and security teams lack the capability and expertise to fend off ransomware or other sophisticated cyberthreats.
  • 60% of executives believe their individual employees could not identify a cyber-attack targeting their business in any working location.

Futile Efforts

  • Only 15% of U.S. executives believe that diplomacy effectively stops future cyberattacks. By contrast, 31% believe retaliatory cyberattacks against foreign nations would be effective. 

Ill-Prepared Executives

"The constant reports of successful ransomware attacks and growing cyber threats from foreign adversaries over the past year have left executives feeling ill-prepared to protect their businesses against sophisticated attacks,’’ said Ian McShane, field chief technology officer of Arctic Wolf.

‘’[T]hat belief has only been compounded by the operational challenges of running a business in a hybrid work environment,"

An Operational Problem

"The best way for organizations to break out of this cycle of fear and uncertainty is for them to recognize that they don't have a tools problem, but an operational one and that embracing security operations will allow them to address the rapidly evolving threat landscape with ease and simplicity,’’ McShane said.

Paying Ransoms Are Business Decisions

Mark Manglicmot, Arctic Wolf’s vice president of security services, said, “Despite best efforts, [yesterday’s] announcement from the Treasury Department may not stick due to the complexities of the cybercriminal ecosystem.

“The decision to pay a ransom is ultimately a business decision; if companies are no longer in the position to pay the ransom, the onus will be on the government to communicate and negotiate with organized cybercrime gangs, no matter who the target is. These sanctions will not inhibit threat actors from demanding a ransom, and the many consequences of ransomware will remain – downtime, access to [social security and other personal information], reputational damage, and more,” he said.

Why Companies Pay Ransoms

Mark Sangster, vice president of security strategy for eSentire, said, ’Most companies pay ransoms because they were unprepared and could not respond rapidly enough to block the attack, or recover quickly enough after they sustained an outage. They make payments to accelerate their recovery time, or limit the losses and leverage insurance coverage and tax deductions to mitigate the payment impact.

‘’Help companies understand the business risks, arm them with ways of identifying attacks, and foster cooperation, rather than driving acts of self-preservation underground,’’ he recommmended.

Advice For Business Leaders

Be More Proactive And Responsive

Jay Solomon, a senior director at APCO Worldwide, said, “Executives are going to have to be much more proactive and responsive to these cyber intrusions. This will include being upfront and straightforward with employees, investors, clients, and vendors impacted by the data breach. This will pose a real threat to a company’s reputation and public profile.”

He observed that, “... the onus will increasingly be on companies—big and small—to effectively navigate incidents such as ransomware attacks, and also not engage in any activities that may facilitate ransomware payments to avoid civil penalties by the Treasury’s Office of Foreign Assets Control.

“Practically, this means that if a company is targeted in a ransomware attack, instead of cooperating with the cybercriminals, it must notify the authorities and not meet the payment demands—even if it may result in critical damages to its systems—which could leave many companies stuck between a rock and a hard place,” he concluded.

Opportunities

Arctic Wolf’s McShane observed that, ‘’In light of the uncertainties in the geopolitical cyber stage and the challenges facing a hybrid workforce, leaders have an opportunity to unite and work collaboratively with government leaders and within their own organizations to develop a cybersecurity posture that can stand a chance against the ransomware crisis the private and public sector are facing.”

Adblock test (Why?)



"pay" - Google News
September 22, 2021 at 08:03PM
https://ift.tt/3lRp5No

Most Business Executives Would Be Willing To Pay Cyber Ransoms: New Survey - Forbes
"pay" - Google News
https://ift.tt/301s6zB


Bagikan Berita Ini

0 Response to "Most Business Executives Would Be Willing To Pay Cyber Ransoms: New Survey - Forbes"

Post a Comment

Powered by Blogger.