Only 30% Of The Small Organizations Have Plans For Responding To Ransomware Crises

Ransomware attacks are more prevalent than ever, and they’re wreaking havoc across a range of industries. During the first half of 2022, there were a total of 236.1 million ransomware attacks worldwide. The 2022 State of Ransomware Preparedness Report, released yesterday by cyber risk management company Axio, revealed that only 30% of surveyed organizations had a ransomware-specific playbook. Active phishing training has improved but is still not practiced by 40% of organizations, according to the survey.

Struggling With The Basics Of Cybersecurity Hygiene
“Organizations continue to struggle with the basics of cybersecurity hygiene and risk management,” Richard Caralli, senior cyber security advisor.
“Business leaders across every sector should not wait for a ransomware event to be their wake-up call. Nor should they expect their cyber insurance providers to cover their losses if the organization cannot demonstrate even basic cybersecurity maturity,” he warned.

Axio said it identified “several emerging patterns that yield insights into why organizations are increasingly susceptible to ransomware attacks.
Seven key areas where organizations were deficient in implementing and sustaining basic cybersecurity practices:

  • Managing privileged access
  • Improving basic cyber hygiene
  • Reducing exposure to supply chain and third-party risk
  • Monitoring and defending networks
  • Managing ransomware incidents
  • Identifying and addressing vulnerabilities in a timely manner
  • Improving cybersecurity training and awareness

Some Good News
On the good news front, the Axio survey found that many of the surveyed companies had at least taken some basic steps to ensure the security of their networks. Those steps included:

  • Anti-virus solutions incorporating behavioural analysis (practised by 89% of respondents)
  • Restrictions on unnecessary ports, protocols, services, and software (89%)
  • Countermeasures against delivery of malicious payloads from websites (86%)
  • Controls over potentially vulnerable services such as remote desktop protocol (83%)
  • Routing of internet traffic through security appliances such as DNS or web proxy filters (83%)