Despite WannaCry infecting thousands of PCs worldwide in 2017, ransomware has always remained one of the biggest threats to corporations worldwide. There is, however, new research that indicates that this persistent threat may be on the decline.
Privileged access management (PAM) provider Delinea, in partnership with Censuswide, has released the 2022 State of Ransomware Report, a comprehensive study of the latest forms of ransomware. There was a survey of 300 U.S.-based IT decision-makers conducted by the research firm, and results showed that only 25% of companies had been affected by ransomware attacks over the last calendar year.
This represents a 61% decline in incidents of theft from organizations over the last 12 months when 64% of organizations reported being victims in that period. Additionally, according to the report, the number of companies that paid ransoms decreased from 82% at the beginning of the study period to 68% at the end of the research.
The fact that these attacks are still common enough to cause serious data breaches is encouraging news for enterprises. However, security leaders cannot afford to become complacent in the face of attacks.
Ransomware: Why organizations should not be complacent
However, organizations should not relax their security precautions, although ransomware attacks appear to be declining. As ransomware breaches cost an average of $4.5 million, this is particularly significant when there is potential for an increase.
According to Joseph Carson, chief security scientist and advisory CISO at Delinea, ransomware remains a significant concern and a threat to any organization. He further continued that they saw some signs of complacency in the survey research. This could be a sign that ransomware will be on the rise in 2023.
An example of complacency is the decline in the number of organizations that include incident response plans, which is one of the signs of complacency. As a result, this number dropped from 94% to 71%. These circumstances may make it less likely for these companies to be able to respond to data breaches effectively. This may give threat actors more opportunities to steal critical data assets from these companies.
Actions to be taken proactively
Rather than succumbing to complacency, organizations should remain prepared while continuing to invest time, money, and effort in proactive security solutions to prevent breaches.
The key to protecting networks and systems from these types of attacks is making organizations more proactive about cybersecurity. This is especially true in areas where they are most vulnerable, such as identity management and access controls.
In Carson's view, the most pertinent aspect of this concerns adopting and enforcing the principle of least privilege and employing multifactor authentication (MFA) and password vaulting to decrease enterprises' vulnerability to ransomware attacks.
Furthermore, other measures can be taken to mitigate additional risks including frequent data backups, comprehensive incident response plans, and investing in cyber insurance policies.
