IT disaster recovery, cloud computing and information security news

Cybereason has published a global study of 1,200+ security professionals at organizations that have previously suffered a successful ransomware attack on a holiday or weekend.

The report, ‘Organizations at Risk: Ransomware Attackers Don't Take Holidays’, found that the vast majority of security professionals expressed high concern about imminent ransomware attacks, yet nearly half felt they do not have the right tools in place to manage this area. In addition, nearly a quarter (24 percent) still do not have specific contingencies in place to assure a prompt response during weekend and holiday periods despite having already been the victim of a ransomware attack.

Organizational impact

Lack of preparedness for ransomware attacks on weekends and holidays has a significant impact on victim organizations, with 60 percent of respondents saying it resulted in longer periods to assess the scope of an attack, 50 percent reporting they required more time to mount an effective response, 33 percent indicating they required a longer period to fully recover from the attack. This research validates the assumption that it takes longer to assess, mitigate, remediate, and recover from a ransomware attack over a holiday or weekend.

Technology issues

Another indicator of the disconnect between the perceived risk and preparedness includes the fact that although 89 percent said they are concerned about attacks during weekend and holiday periods, 49 percent said the ransomware attack against their organization was successful because they did not have the right security solutions in place. Just 67 percent of organizations had a NextGen Antivirus (NGAV) solution deployed at the time of the attack, 46 percent had a traditional signature-based antivirus (AV) in place, and only 36 percent had an Endpoint Detection and Response (EDR) solution in place.

The human element

On the human side of the equation, 86 percent of respondents indicated they have missed a holiday or weekend activity because of a ransomware attack, a situation that can factor into employee job satisfaction and potential burnout.

One surprising finding in the study included 70 percent of respondents confessing that they have been intoxicated while responding to a ransomware attack during a weekend or holiday, a risk factor that many organizations may not have accounted for in their incident response planning.

More details.

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.