One of the more fascinating aspects of the recent presidential election in the US has been the delineation of sharp differences in points of view among the electorate. Those doing well celebrate indicators of economic and social improvement, while those struggling see little to no evidence of such things. Or, as my wise mother liked to say, “Where you stand depends on where you sit.” So writes Michael Dortch of IT asset management product company LANDESK.
Similar dichotomies exist when the focus shifts to cybersecurity in general, and ransomware in particular. And some of them are disturbing at best and threatening to the ability of businesses to do business at worst.
Ransomware
Research conducted by IBM X-Force and reported widely in December 2016 found that 40 percent of spam emails sent in 2016 contained ransomware, and that one in two executives surveyed have experienced a ransomware attack at work. Yet just 31 percent of surveyed consumers had even heard of ransomware—yet.
Law enforcement encourages those who suffer ransomware attacks to report those attacks. Many also argue that paying ransoms just rewards and encourages criminals and future attacks. Yet IBM X-Force found that “Seventy percent of businesses hit by ransomware paid the hackers to regain access to systems and data.” Further, “Nearly 60 percent of business leaders said they would be willing to pay the ransom to regain access to financial records, intellectual property, business plans and consumer data,” HealthcareITNews.com reported.
Cybersecurity skills
Beyond ransomware, there are divergent views of the availability of skilled cybersecurity personnel. As reported by Computerworld in November, the US federal government argues that there’s no cybersecurity skills shortage, citing as evidence a successful job fair held by the Department of Homeland Security in July. But a study conducted by Intel Security and the Center for Strategic and International Studies and released the day before that job fair “pointed to a ‘talent shortage crisis’ of cybersecurity skills.”
Executive perception
Perhaps the most troubling disconnect is between the perception of cybersecurity readiness among some business executives and the realities confronting their enterprises. As reported by DarkReading in November, Accenture “surveyed 2,000 top security execs representing companies with annual revenue of $1B or more, to gauge their perceptions of cyber risk and the effectiveness of current security efforts and investments.” Accenture found that the enterprises they surveyed experienced about 106 coordinated attack attempts per year, and that approximately one in three such attacks resulted in a security breach. Yet 75 percent of those surveyed said they can sufficiently defend their organisations, while 70 percent said that their enterprises had “a strong attitude towards cybersecurity.” Further, “[t]he majority of respondents say internal breaches have the biggest impact; however, 58 [percent] prioritise developing perimeter security over focusing on high-impact insider threats,” DarkReading reported.
The bottom line
Regardless of your point of view regarding ransomware and other cybersecurity issues—or the viewpoints of others around you, some things are incontrovertible.
Ransomware and other threats are growing in number, sophistication, and scope.
These threats are not going away anytime soon.
Your enterprise, regardless of its size or primary business, grows more dependent upon its IT infrastructure every single day.
To survive and thrive, your enterprise needs the most modern and effective IT infrastructure and cybersecurity solutions and processes it can muster.
Resolve now to hit the ground running in 2017 with the solutions and processes your enterprise needs to modernise IT and protect itself effectively against even the most persistent and pervasive threats.
