A staggering 78% of organisations face ransomware attacks multiple times within a year, exposing a dangerous gap between confidence and actual preparedness.
Shocking Survey Results
If your organisation feels confident about its ransomware defences, think again. Halcyon’s latest Ransomware CISO Survey paints a sobering picture of the current cyber security landscape.
While 88% of Chief Information Security Officers (CISOs) were confident in their ability to disrupt ransomware attacks and 85% believed they could quickly resume operations after an attack, the reality is far grimmer.
According to the survey:
The impact of these attacks is severe:
Overconfidence vs. Reality
Despite this high confidence, the statistics reveal a dangerous level of overconfidence: many companies overestimate their ability to prevent and recover from ransomware attacks. Halcyon suggests focusing on specific metrics to bridge this gap, including mean time to detection, mean time to respond, incident response plan effectiveness, security awareness training, and overall cyber security hygiene.
Practical Steps to Improve Security
To effectively combat ransomware:
- Monitor Key Metrics: Track mean time to detection and response to identify and mitigate threats promptly.
- Enhance Incident Response: Regularly update and test your incident response plan to ensure it remains effective.
- Prioritise Awareness Training: Invest in continuous security awareness training for employees to reduce human error. We’d be happy to help.
- Maintain Cyber Hygiene: Implement regular updates, patches, and security audits to discover any gaps and minimise vulnerabilities.
Our Thoughts
The ongoing pace of ransomware attacks highlights an urgent need for organisations to reevaluate their cyber security strategies. Having basic IT support and antivirus just doesn’t cut it these days.
Overconfidence can lead to complacency, making companies more vulnerable to repeated attacks. By focusing on robust security measures and ongoing employee training, organisations can better protect themselves against the growing ransomware threat.
What should a company do after a ransomware attack?
After a ransomware attack, organisations should immediately isolate affected systems, inform relevant authorities, and initiate their incident response plan. If they don’t have one, they should consult with their department or Cyber Insurance vendor to get one in place. It’s also crucial to communicate with stakeholders and seek expert assistance to manage the aftermath effectively.
Reporting a Live Cyber Attack
If your business, charity, or organisation is experiencing an active cyber attack, please call 0300 123 2040 immediately. This helpline is operational 24/7.
Reporting a Cyber Security Incident
In the event of a cyber attack or related cyber security incident, businesses may need to report the issue to the Information Commissioner’s Office (ICO). According to the General Data Protection Regulation (GDPR) effective from May 25, 2018, reporting data breaches to the ICO within 72 hours is mandatory. For more information on when and how to report a cyber security incident to the ICO, please refer to their official guidelines.
PhishFrenzy Can Help
The staggering frequency of ransomware attacks shows a constant need for robust cyber security measures. By focusing on key metrics and improving incident response and employee training, organisations can better defend against these pervasive threats. For comprehensive phishing simulations and security awareness training, reach out today to discuss how we can help strengthen your defences.