Source URL: https://www.theregister.com/2025/01/28/research_security_pros_gain_ransomware/
Source: The Register
Title: Security pros more confident about fending off ransomware, despite being battered by attacks
Feedly Summary: Data leak, shmata leak. It will all work out, right?
IT and security pros say they are more confident in their ability to manage ransomware attacks after nearly nine in ten (88 percent) were forced to contain efforts by criminals to breach their defenses in the past year.…
AI Summary and Description: Yes
Summary: The text discusses findings from Ponemon Institute’s research on ransomware attacks, highlighting the increasing confidence of IT and security professionals in managing such threats. It also addresses new concerns regarding AI-generated ransomware, changes in perceptions about organizational vulnerabilities, and the impact of ransomware on brand reputation. The report underscores the need for robust security measures, including AI-driven defenses, microsegmentation, and operational resilience.
Detailed Description: The Ponemon Institute conducted a study involving 2,547 IT and security professionals to assess their confidence and perspectives regarding ransomware attacks. Key insights include:
– **Increased Confidence in Ransomware Management**:
– 88% of respondents experienced attempts to breach defenses in the past year.
– Confidence in capabilities to manage ransomware attacks has risen significantly.
– Belief in organizational vulnerability to attacks decreased from 68% in 2021 to 64% in 2024.
– **Concerns About Supply Chain and Data Leakage**:
– Concern about supply chain risks dropped from 75% in 2021 to 56%.
– Worries about data leakage decreased from 73% to 52%.
– **Brand Reputation Damage**:
– The most significant cost associated with ransomware attacks is now brand reputational damage, surpassing costs from downtime, legal actions, or forensic investigations.
– **Ransomware Attack Origins**:
– Nearly 45% of ransomware attacks were initiated through phishing.
– “Insider negligence” was highlighted as the primary cause.
– **AI Threat Perception**:
– For the first time, the report gauged concerns about AI’s role in ransomware, with 51% expressing high to extreme concern about AI-generated attacks.
– It recognized how AI can escalate the authenticity of phishing attacks and automate the attack path.
– Concerns noted about potential future capabilities of AI in creating evasive malware.
– **Use of AI in Cyber Defense**:
– 42% of professionals reported implementing AI-enhanced cybersecurity measures.
– The majority of AI marketing noise in the security sector is from defensive vendors.
– **Improvements in Incident Remediation**:
– Average remediation time for ransomware incidents dropped from 190 hours in 2021 to 132 hours in 2024.
– Average costs for dealing with ransomware incidents decreased from $168,910 to $146,685.
– **Call for Enhanced Security Strategies**:
– Experts stress the importance of operational resilience and security controls like microsegmentation to mitigate ransomware impacts effectively.
Overall, the findings indicate a cautious optimism among security professionals, as they adapt to evolving threats while grappling with the potential implications of AI in the realm of cybersecurity. Organizations are urged to invest in robust security frameworks to ensure operational continuity and protect against reputational damage during attacks.