Research Reveals Gaps in Ransomware Defense

A recent IDC survey commissioned by Druva found that almost half of organizations were successfully attacked with ransomware in the last three years. Today, this type of cyber threat will be knocking at your door, regardless of where you are in the world or your company size.

Everyone knows ransomware is a threat. Many have already planned for it. IDC’s survey showed this, with 76% of businesses citing data resilience as a top three priority. In addition, the survey found that 85% of organizations have a cyber-recovery playbook in place for intrusion detection, prevention, and response.

Not All That Glitters Is Gold

While this may seem promising, further results paint a grim picture for enterprises. Although 92% of businesses said the data-resiliency tools they use are “efficient or highly efficient,” 65% said they were forced to pay the ransom after getting hit with an attack. Nearly 50% of respondents said their companies experienced data loss.

With systems in place, an organization should ideally recover all their data from an attack without paying hackers. Yet, research is proving that this is harder than one might think with the existing tools. For example, the inability to determine the correct recovery point was cited as the No. 1 reason for data loss in the survey. 

Related:Ransomware Security for IT Pros: 2022 Report

“The problems aren’t that organizations don’t take cyberattacks seriously or that they don’t try to prepare; they most certainly do both in earnest,” the IDC report states. “The root issues are that no one knows what they don't know: the commonly used [DIY] approaches to cyber preparedness are insufficient — recovery is limited to the experience of those implementing it — many of whom may have no experience with an actual attack response.”

While the intent is there, it’s clear there’s a lot more work to do to successfully fight off threats.

Is Automation the Answer? IDC Says Yes.

As the number of applications, environments, and endpoints multiplies and creates more risk for organizations, a piecemeal approach to protection and recovery is no longer tenable. That is likely why the No. 1 desire for change when updating data resilience systems was fully automated and nondisruptive updates.

Automation improves security by reducing the likelihood of human error. As these organizations modernize, automation can keep a business’ protection environment up to date without depending on any people. In addition, an autonomous system can provide insights into unusual activity, which can help businesses detect, fight, and mitigate threats, and keep a business prepared for attacks. And IDC agrees: “We believe that artificial intelligence and machine learning is a key technology in the future battle against ransomware, as it is the only way to detect new attack methods.”

The final takeaway from IDC’s research is that it’s probably a good time to dust off your protection strategies and tools. A strategy that combines automation and adaptability will be key to surviving today’s threats.

Methodology: IDC’s study included a primary research survey based on the analysis of 505 respondents, evenly divided between North America, Europe, and Asia Pacific. Respondents included IT Practitioners, CIOs, CTOs, and COOs.