2021 State of Ransomware Preparedness research report highlights widespread cyber security hygiene deficiencies
- Published: Friday, 22 October 2021 08:13
Axio has released its 2021 State of Ransomware Preparedness research report. The report reveals that many organizations are not equipped to defend against ransomware due to deficiencies in implementing and sustaining basic cyber security practices.
The report identifies several emerging patterns that yield insights into why organizations are increasingly susceptible to ransomware attacks. The data pinpoints seven key areas where organizations are deficient in implementing and sustaining basic cyber security practices:
- Management of privileged access
- Basic cyber hygiene
- Exposure to supply chain risk
- Network monitoring
- Incident management
- Vulnerability management
- Training and awareness.
Overall, most organizations surveyed were not adequately prepared to manage the risk associated with a ransomware attack.
Key data findings include:
- Nearly 80 percent of organizations responded that they have not implemented or have only partially implemented a privileged access management solution.
- Only 36 percent of respondents indicated that they audit the use of service accounts, a type of privileged account, on a regular basis.
- Only 26 percent of respondents deny the use of command-line scripting tools (such as PowerShell) by default.
- 69 percent of organizations indicated that they do not limit access to the internet for their Windows domain controller hosts.
- Only 29 percent of respondents evaluate the cyber security posture of external parties prior to allowing them access to the organization’s network.
- Only 50 percent of respondents conduct user awareness training for employees on email and web-based threats, such as spear-phishing and watering hole attacks, on an annual basis.