IT disaster recovery, cloud computing and information security news

Survey reveals the important role of ‘malicious insiders’ in successful ransomware attacks

Details

Gigamon has published the State of Ransomware 2022 and Beyond report, aimed at providing valuable insights on how the ransomware threatscape is evolving. According to the global survey of IT and security leaders across the US, EMEA, and APAC, nearly one-third of organizations have suffered a ransomware attack enabled by a malicious insider - a threat seen as commonly as the accidental insider (35 percent). Furthermore, 59 percent of organizations believe ransomware has worsened in the last three months, with phishing (58 percent), malware/computer viruses (56 percent) and cloud applications (42 percent) cited as other common threat vectors.

As the ransomware crisis worsens, threat actors like Lapsus$ group are now well-known for preying on disgruntled employees to gain access to corporate networks – 95 percent (and 99 percent of CISOs/CIOs) view the malicious insider as a significant risk. 66 percent of these respondents now have a strategy for addressing both types of insider threats. However, the report says that it’s clear that many organizations lack the visibility required to distinguish which type of insider threat is endangering their business, which makes it significantly harder to mitigate risk.

Additional key findings include:

Ransomware is seen as a board-level priority
89 percent of global boardrooms see ransomware as a priority concern, a number that rises in the UK (93 percent), Australia (94 percent) and Singapore (94 percent). When asked how this cyber threat is viewed, the leading perception across all regions was that it is a ‘reputational issue’ (33 percent).

Cyber insurance is causing concern
57 percent of those surveyed agreed that the cyber insurance market is exacerbating the ransomware crisis. In APAC, where cyber insurance is most commonly employed, this concern is felt by 66 percent of Australian respondents and 68 percent of those in Singapore.

The US is leading the way with zero trust
While EMEA may have lost some confidence in implementing zero trust, 59 percent in the US agree that this framework is attainable.

More details.


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

The Hunt for Hidden Risks
The Impact Tolerance Guide

Additional Resources

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.