Ransomware: Victims Keep Paying, and AI-Based Attacks Are Coming



Victims of ransomware attacks still mostly choose to pay the ransom, with more than half paying more than $100,000 to regain access to their systems and data.

Additionally, organizations fear and closely monitor the potential of generative artificial intelligence (AI), which opens new avenues for cyberattacks.

Victims who pay the ransom (dearly)

In a study conducted by Splunk, 96% of respondents had experienced a ransomware attack. Of these, more than half (52%) rated the impact of the attack on their business systems and operations as significant.

Additionally, 83% admitted to paying a ransom, according to the “2023 CISO Report.” This report is the result of quantitative surveys of 350 security managers and executives across 10 markets, including Australia, Germany, India, Japan and Singapore. The study also includes qualitative research based on one-hour telephone interviews with 20 cybersecurity leaders in Canada, the United States and the United Kingdom.

Of the organizations that paid a ransom, 53% paid more than $100,000 – 9% of them exceeded $1 million. Some 18% paid the ransom directly to the attackers, while 37% did so through cyber insurance and 28% through a third party.

Better cooperation to better protect yourself

To strengthen their cyber resilience and visibility, respondents indicated that collaboration across all trades is necessary. Some 92% of them saw a significant or moderate increase in cybersecurity collaboration between their security, IT and engineering teams. These links have also been strengthened through digital transformation initiatives, cloud-native software development or greater attention to risk management.

Furthermore, 77% describe their collaboration with IT and development teams on analyzing and resolving the root causes of incidents as “good”. 42%, however, believe that there is room for improvement.

Among the top security concerns, 40% of respondents point to social engineering, while 37% are concerned about threats related to operational technologies and the Internet of Things (IoT). 33% are concerned about ransomware attacks.

AI is transforming cyberattacks and cyberdefenses

Among the fears of those surveyed, around 70% are concerned about generative AI and what it can bring to cyberattackers. For 36% of them, attacks will be faster and more effective thanks to this technology.

Furthermore, 36% of respondents believe that this technology could be used for identity theft – using voice and image – for social engineering purposes. 31% are most concerned about expanding their supply chain attack surface.

However, 35% of respondents say they are experimenting with this technology to strengthen their cyber defense, particularly in malware analysis and workflow automation. For example, 26% use AI to analyze data sources to determine which ones should be optimized or deleted, while 23% use generative AI to create detection rules. Most CISOs (93%) have largely or moderately integrated automation into their processes.

Better training

Additionally, 86% of respondents believe generative AI helps fill skill gaps and shortages within a security team, supporting labor-intensive and time-consuming functions and freeing security personnel to focus on more strategic tasks.

These employees would also need more training, with 46% of respondents planning to update their security teams’ knowledge of effective rapid engineering. Additionally, 39% of respondents indicated that they are working to train their employees to better understand the threats that could arise with generative AI.

Still, CISOs are concerned about tool flux, with 88% highlighting the need to reduce the number of security analysis and exploitation tools in favor of other applications, such as threat intelligence, SOAR (security orchestration, automation and response) and SIEM (security information and event management).

Source: ZDNet.com


