A RECENTLY released cybersecurity survey has identified that almost one-third of organizations have suffered ransomware attacks enabled by a malicious insider, a threat seen nearly as commonly as the accidental insider (35 percent).
According to our Gigamon "State of Ransomware 2022 and Beyond" report by deep observability company, a global survey of IT and Security leaders across the US, EMEA and APAC, 59 percent of organizations believed ransomware has worsened in the last three months, with phishing (58 percent), malware/computer viruses (56 percent) and cloud applications (42 percent) cited as other common threat vectors.
As the ransomware crisis worsens, threat actors like the Lapsus$ group are now well-known for preying on disgruntled employees in order to gain access to a corporate network. As a result, the survey by our deep observability company found that of those who are seeing insider threats as a cause for increasing ransomware attacks, 95 percent (and 99 percent of CISOs/CIOs) view the malicious insider as a significant risk. Fortunately, 66 percent of these respondents now have a strategy for both types of insider threat, particularly in the case of Singapore (80 percent), Australia (73 percent) and the US (67 percent).
However, greater observability is needed; many do not yet have visibility to distinguish which type of insider threat is endangering their business, an issue that is most prominent for the UK and German markets, with 40 percent and 41 percent agreeing, respectively.
The survey report also found 88 percent of global respondents believe there is a "blame culture" in the cybersecurity industry, with 38 percent in the US and 37 percent in Singapore seeing this tendency to point the finger when breaches occur as heavily prevalent.
Worryingly, 94 percent of those that recognize the blame culture told Gigamon that it could also be a deterrent to the speed of reporting an incident — at least somewhat, depending on the scale of the incident.
To overcome this issue, 42 percent of organizations called for more transparency, as well as industry-wide collaboration (29 percent) and providing CIOs/CISOs with "Deep Observability" (22 percent). In fact, over a quarter (26 percent) of CIOs/CISOs are calling for the latter to help overcome the blame culture.
Integral to cybersecurity
Continue reading with one of these options:
Ad-free access
P 80 per month
(billed annually at P 960)
- Unlimited ad-free access to website articles
- Limited offer: Subscribe today and get digital edition access for free (accessible with up to 3 devices)