Ransomware is now the biggest cybersecurity concern for CISOs

Phishing, account compromise and business email compromise attacks are all worries for organisations - but it's fear of ransomware attacks that is causing the biggest concern.
Written by Danny Palmer, Senior Writer

Ransomware is the biggest cybersecurity concern facing businesses, according to those responsible for keeping organisations safe from hacking and cyberattacks.

A survey of chief information security officers (CISOs) and chief security officers (CSOs) by cybersecurity firm Proofpoint found that ransomware is now viewed as the main cybersecurity threat to their organisation over the course of the next year.

Almost half – 46% – of CSOs and CISOs surveyed said that ransomware or other forms of extortion by outsiders represents the biggest cybersecurity threat.

Ransomware continues to be one of the most damaging and disruptive cyberattacks, while for cybercriminals, encrypting networks and demanding bitcoin in exchange for the decryption key is the easiest way to quickly make a large amount of money from a hacked network.

A significant percentage of organisations will pay the ransom – which can amount to millions of dollars – because they perceive it as the quickest way to restore the network and the option that causes the least further disruption to the business. It is because these ransoms are paid that ransomware remains so appealing – and lucrative – for cybercriminals.

Some of the other cyberattacks that CISOs consider to be the biggest threats this year include cloud account compromise, insider threats, phishing and business email compromise attacks.

While not as visible as ransomware attacks, all of these cyber threats can also cause problems for organisations – especially if hackers are able to combine attacks, such as phishing followed by the compromise of cloud account login credentials, in order to gain further access to networks.

Often, these kinds of attacks are used in the early stages of efforts to compromise networks with ransomware, so securing the network against one particular form of cyberattack could go a long way to protecting it from others as well.

Fortunately, improving IT security in one way or another appears to be a priority for the majority of – although not all – organisations. Half of CISOs listed improving employee awareness of cybersecurity as a priority over the next 12 months, while almost as many said upskilling the organisation by hiring new talent or developing the skills of current employees is something their organisation is looking at.

Nonetheless, cybercriminals will also continue to adapt and evolve – and it's important for organisations not to get complacent when it comes to cybersecurity and to have a firm understanding of their own networks.

"Cybercriminals are focused and constantly improving their skills and techniques. This makes it difficult for CISOs to pre-empt the timing, size, and shape of the next attack, even though they recognise the growing cyber risks facing their organisation," Andrew Rose, resident CISO at Proofpoint, told ZDNet.

"It is easy to become overwhelmed by this, so my advice to CISOs is to focus on gaining a deep understanding of who within your organisation is being attacked and who is most vulnerable. This is vital to be able to understand which threats should be prioritised," he added.

In addition to training and awareness schemes, organisations can help protect against ransomware and other attacks by applying security patches when they're released, preventing hackers from exploiting known vulnerabilities.

Using additional protection like two-factor authentication across the organisation can also help prevent damaging attacks by making it much harder for hackers to move around the network, even if they've got the correct credentials.
