Most organizations still don’t have the basics to tackle ransomware: vendor

Content of the article
The failure of information security officials to implement basic controls over privileged access accounts is one of the main reasons ransomware attacks are successful, according to a report from the vendor.
Advertising
This ad has not yet loaded, but your article continues below.
Content of the article
âOverwhelmingly, the most concerning finding in our data was the widespread lack of
basic controls over credentials and privileged access, âsays the study from Axios, which sells a cyber risk management platform, after studying anonymized data from more than 100 organizations that have used its ransomware readiness assessment tool.
The overall finding of the study, published Tuesday in a report titled State of Ransomware Preparedness, is that most organizations surveyed were not sufficiently prepared to manage the risk associated with a ransomware attack, in large part because many were not still lack the basic cybersecurity controls necessary to stem an attack.
Among the discoveries:
âAlmost 80 percent of organizations using the tool had not implemented or only had
partially implemented a privileged access management solution;
âOnly 36% regularly verified the use of Windows service accounts, a type of privileged account;
âOnly 26% denied using command line scripting tools such as
PowerShell by default;
â69% did not restrict Internet access for their Windows domain controller hosts;
âOnly 29% assessed the cybersecurity posture of external parties before allowing them access to the organization’s network;
âOnly half conducted annual user awareness training for employees on emails and
web-based threats.
Advertising
This ad has not yet loaded, but your article continues below.
Content of the article
âOrganizations may have forgotten to maintain the most fundamental cybersecurity practices,â the report says. âThey fail on the basics. Although it cannot
Fully explaining why organizations are increasingly falling victim to ransomware attacks is undeniably a contributing factor.
What the report’s authors said was the most concerning finding was the widespread lack of
basic controls over credentials and privileged access.
Ransomware attackers often prioritize ‘training’ attacks to gain access to privileged credentials so that they can be used to develop attacks.
and more destructive campaigns, according to the report. Using privileged credentials to
ransomware attacks usually result in much more extensive and generalized control
on an organization’s network and IT resources, making it much more difficult
eradicate.
Advertising
This ad has not yet loaded, but your article continues below.
Content of the article
At least 70% of ransomware readiness tool users said they
do not impose restrictions on where privileged credentials can be used (for example, they allow use on infrastructure that is not intended for administrative work), 63% did not fully or widely implemented two-factor authentication for using privileged credentials, and only 42% reported recording activities performed with privileged credentials.
The report urges CIOs and CISOs to
âAssess their commitment to controlling and securing privileged identification information;
âImprove the defensive posture of their operational environments;
âCheck their level of supply chain risk;
âMaintain and update their ransomware incident response plan;
– reassess their capacity to manage vulnerabilities.
The full report is available here . Registration is compulsory.
The post office Most organizations still don’t have the basics to tackle ransomware: vendor first appeared on TI World Canada .
This section is powered by TI World Canada. ITWC covers the business IT spectrum, providing news and information to IT professionals aiming to succeed in the Canadian market.
Advertising
This ad has not yet loaded, but your article continues below.