By Jaime Chanaga, Fortinet
Several high-profile ransomware attacks in recent months have made evident that companies are still unprepared for the rising threat of cyberattacks. A new global survey conducted by Fortinet found that although three out of four (78%) organizations detected ransomware attacks early and felt very prepared, a full half still fell victim to an attack. Even more telling, almost half (46%) were targeted two or more times.
As ransomware volume and frequency continue to climb – with over 10 thousand new variants identified in the first six months of 2022 alone – organizations must re-examine their security approach and think holistically to guard against the rising threat.
A new urgency
The Fortinet survey explores global cybersecurity leaders’ perspectives on ransomware, focusing on its impact over the last year and their strategies to mitigate an attack. Based on their responses, it is clear that organizations must go beyond simple detection to enable more effective real-time responses.
The current trend of selecting the best point product no longer works in today’s threat landscape. According to the survey, the organizations that took a best-of-breed approach were more likely to fall victim to ransomware. Conversely, those who took a more consolidated or platform approach were less likely to be impacted.
If your organization thinks ransomware insurance is the answer, beware: while almost all organizations (88%) reported having cyber insurance, nearly 40 per cent received less than they expected.
The takeaway for all organizations is clear: It’s time to look at cybersecurity as an integrated whole, not simply individual projects or products.
A fundamentally different approach
Whether they avoided an attack or not, almost all respondents (99%) in the survey recognized the value of integrated solutions or platforms in preventing ransomware attacks. Adding tools to an already overloaded toolbox can increase risk as the proliferation of devices and vendors can leave security teams struggling to get everything to operate together.
That’s why Fortinet’s Security Fabric, a unified cybersecurity platform, connects over 50 natively integrated, enterprise-grade products by focusing on open APIs and a robust technology alliance ecosystem. This security mesh architecture approach can help organizations reduce complexity, improve prevention and detection, and speed up incident triage, investigation and response.
According to the survey, the technologies viewed as most essential to secure against ransomware included IoT Security, SASE, Cloud Workload Protection, NGFW, EDR, ZTNA, and Security Email Gateway. Top investment priorities for the future included threat detection powered by AI and machine learning and more centralized monitoring tools to speed up cyber-threat response times. Luckily, despite a challenging global economic environment, nearly all organizations (91%) expect increased security budgets next year.
It’s not just about technology
While ensuring the right technology and investment is critical to meeting the challenge of today’s threat landscape, the survey results also highlighted other risks. The first was the threat landscape’s growing sophistication; the others were related to people and processes. This finding confirms that a holistic approach to cybersecurity must also prioritize people.
Phishing, for example, remains the top tactic (56%) for malicious actors trying to infiltrate a network to launch a ransomware attack. Unfortunately, it takes an employee just one lapse in judgment for threat actors to gain a foothold. Often, employees are the first line of defense, making ongoing cybersecurity awareness education and training programs a critical part of any risk management strategy.
Supporting your frontline security personnel and establishing effective processes is another way to improve an organization’s security stance. Trusted vendors can bolster internal security teams by providing access to services such as Incident Readiness Assessments and Tabletop Exercises, Ransomware Readiness Assessments, SOC-as-a-Service, and SOC Readiness Assessments. Upskilling existing staff is another priority and can be accomplished through external training providers such as the Fortinet Training Institute.
Look to the future
Based on its success rate, the ransomware threat will continue to be a fact of life for organizations across the globe. Yet, security leaders are not powerless, and there are many actions they can take to protect their data and networks from ransomware attacks. Strategic investments in a consolidated platform approach will better safeguard organizations and make incorporating AI-driven tools and automation easier. Investing in processes and people can also pay off by improving your security stance through external testing, monitoring external vulnerabilities, and educating employees on spotting potential cyberattacks. By investing in these essential steps today, organizations can decrease the risk of a ransomware attack tomorrow.
Jaime Chanaga is Field CISO for Canada, Latin America, and the Caribbean at Fortinet.
