IT chiefs plan to spend and innovate their way out of ransomware swamp

Cyber attack
(Image credit: Shutterstock) (Image credit: Shutterstock.com)

Ransomware is the scourge of the contemporary CIO’s data defenses. It’s the security infraction that makes for, quite literally, sleepless nights because it affects not just IT departments and SOCs but the whole operational function of the organization, reaching out to its partners and customers. At the same time, it inflicts stress and can have a catastrophic impact on the people it affects: their finances, their families and their health.

Given the ubiquity of ransomware attacks (and infosec thought leadership group SANS Institute suggests they spiked by 73 per cent to 4,611 in 2023), the threat could hardly be more stark. Gartner has even suggested that by 2025, attackers will target operational technology targets — where digital meets industrial infrastructure — to harm or even kill human beings.

Sammy Zoghlami

SVP EMEA for Nutanix.

Extortion and disruption

It should perhaps be no surprise then that when we commissioned Vanson Bourne for the sixth global Enterprise Cloud Index (ECI) survey to ask 1,500 IT, DevOps and platform engineering decision makers about 2024 plans, ransomware was front and center. Polled as to their significant infrastructure challenges, the highest number (42%) pointed to ransomware and malware protection, slightly ahead of a related area, data privacy and compliance (39%).

Ransomware also figured prominently when the audience, spanning 16 countries, was asked to rank the order of primary drivers of infrastructure choice. Almost four in 10 (39%) cited ransomware, just behind performance (40%) and flexibility to run solutions across clouds and on-premises (41%).

Ransomware attacks are so common now that many, especially in the age of internationalizing breach disclosure rules, are open to admitting they have been hit. In this poll, 89% said they had been hit in the last three years. And, with some accounting to be made for those that are not allowed to disclose or those that do not know the answer, the percentage is likely to be even larger. Of those that admitted to having been penetrated, almost all (96%) said there had been negative impacts.

Fear of ransomware is being amplified by the uber-trend towards digitization and organizational dependence on data for decision-making and automation. We know that one of the best opportunities organizations possess for competitive differentiation is to excel with IT. But that has meant that digital operations become an even larger and tastier honeypot for attackers. Thirty years ago when manual clerical processes were still common, an IT outage would be a hassle. Today, with e-commerce, digital supply chains and marketing, it brings down pretty much everything in its wake.

Questions and answers

What can IT do? The troubling answer is that there is no silver bullet, no patch, single point of failure or point solution. In part, that’s because the ransomware threat is only partly technical; it also attempts to persuade human beings to yield information. As we know, ransomware often targets human beings’ vulnerabilities to gain both psychological and digital keys to the kingdom.

So, education is key and increasingly incident response teams can deliver expertise. However, the ability to automate threat detection and rapidly restore services to the last known ‘good’ state offers a paradigm that goes way further than has previously been possible. If we go beyond backup’s retrospective measures, reducing downtime from hours, days or weeks to about 15 minutes can be done right now.

Our poll shows the chasm to be crossed: 29% said they had recovered in hours and 33% said they had taken days… and these are just the relatively positive results. Compare those to the 17% who took weeks and 21% who said several weeks and the scale of disruption becomes clear.

Are we listening?

Thankfully, the pressing need to act seems to be a case of ‘Message received and understood’. When asked about what priorities should be for CIOs and CTOs in 2024, the number-one answer was data security and ransomware detection. And this isn’t just a techie answer: C-suite respondents prioritize only data privacy above ransomware. The large majority of respondents (92%) say their organizations need to reduce their exposure to ransomware and almost four in five (78%) say they will increase ransomware protection spend through 2024.

The ransomware challenge is ubiquitous and exists across verticals, led by banking and financial services, healthcare, manufacturing, energy/utilities, governmental agencies and education.

AI and digital transformation may be the media’s obsessions and modern memes but our data says ransomware is a bigger CIO concern. They need to plan to repel ransomware attacks and take practical steps that are not just focused on remediation, backup and addressing fallout from attacks. Because if history tells us anything, it is that those threats are about to become even broader and more sophisticated.

We've featured the best encryption software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Sammy Zoghlami is a Senior Vice President at Nutanix where he leads the EMEA organization.

TOPICS