Organisations taking a best-of-breed, point product approach to security were more likely to be attacked by ransomware in the last year
John Maddison, executive vice president of products and chief marketing officer, Fortinet, said, “According to the Fortinet research released, though three out of four organisations detected ransomware attacks early, half still fell victim to them. These results demonstrate the urgency to move beyond simple detection to real-time response. However, this is only part of the solution as organisations cited the top challenges in preventing attacks were related to their people and processes. A holistic approach to cybersecurity that goes beyond investing in essential technologies and prioritises training is essential.”
Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, has unveiled its 2023 Global Ransomware Report. The report is based on a recent global survey conducted by Fortinet and explores cybersecurity leaders’ perspectives on ransomware, particularly how it impacted their organisations in the last year, and their strategies to mitigate an attack. Key findings from the global survey include:
- The global threat of ransomware remains at peak levels, with half of organisations across all sizes, regions and industries falling victim in the last year.
- The top challenges to stopping a ransomware attack were people and process related, with many organisations lacking clarity on how to secure against the threat.
- There are a range of technologies viewed as essential to prevent ransomware, with an overwhelming majority prioritising an integrated approach to security.
- Despite the global macroeconomic environment, security budgets will increase in the next year with a focus on artificial intelligence (AI)/machine learning (ML) technologies to speed detection, centralised monitoring tools to speed response, and better preparation of people and processes.
A growing disconnect between ransomware preparedness and prevention
Fortinet’s research revealed there was a large disconnect between respondents’ level of preparedness with existing strategies and their ability to stop a ransomware attack. Although 78 per cent of organisations stated they were “very” or “extremely” prepared to mitigate an attack, the survey found 50 per cent fell victim to ransomware in the last year, and almost half were targeted two or more times. Specifically, four out of the five top challenges to stopping ransomware were people or process related. The second largest challenge was a lack of clarity on how to secure against the threat as a result of a lack of user awareness and training, and no clear chain-of-command strategy to deal with attacks.
More organisations are paying the ransom, despite industry guidance
The survey also found that despite most (72 per cent) detecting an incident within hours, and sometimes minutes, the percentage of organisations paying ransoms remains high, with almost three-quarters of respondents making some form of ransom payment. When comparing across industries, organisations in the manufacturing sector received higher ransoms and were more likely to pay the fee. Specifically, one quarter of attacks among manufacturing organisations received a ransom of US$1M or higher. Finally, while almost all organisations (88 per cent) reported having cyber insurance, almost 40 per cent didn’t receive as much coverage as expected and, in some cases, didn’t receive any because of an exception from the insurer.
Security budgets will increase despite economic uncertainty
With concerns about ransomware still high and despite a challenging global economic environment, nearly all organisations (91 per cent) expect increased security budgets in the next year. Based on the technologies viewed as most essential to secure against ransomware, organisations were most concerned with Internet of Things (IoT) security, secure access service edge (SASE), cloud workload protection, next-generation firewall (NGFW), endpoint detection and response (EDR), zero trust network access (ZTNA), and security email gateway. When comparing to 2021, the number of respondents citing ZTNA and secure email gateway increased by nearly 20 per cent. Given email phishing remained the most common attack entry method for the second time, it was promising to see respondents view secure email gateway (51 per cent) with higher importance, however, other essential protections, such as sandboxing (23 per cent) and network segmentation (20 per cent) remained low on the list.
In the future, top priorities for respondents will be investing in advanced technology powered by AI and ML to enable faster threat detection and central monitoring tools to speed response. These investments will help organisations combat a rapidly evolving threat landscape as cyber attackers become more aggressive and deploy new elements into attacks.
Enhancing ransomware protection through a platform approach
In addition, the report found that organisations using point products were the most likely to fall victim to an attack in the last year, while those who had consolidated to a smaller number of platforms were the least likely to be a victim. Further, almost all respondents (99 per cent) viewed integrated solutions or a platform as essential to preventing ransomware attacks. These findings underscore the importance of leveraging a unified platform approach to defend against ransomware.
Fortinet supports organisations looking to improve their processes and advance cybersecurity skills by providing services such as incident readiness assessments and tabletop exercises, ransomware readiness assessments, Security Operations Centre (SOC)-as-a-Service, and SOC readiness assessments, as well as comprehensive training from one of the largest programs in the industry, the Fortinet Training Institute. With its industry-leading Security Fabric of over 50 natively integrated, enterprise-grade products, Fortinet continues to be the leading vendor helping organisations consolidate their point products into a unified cybersecurity platform. This platform approach, with open application programming interfaces (APIs) and a robust fabric-ready technology alliance ecosystem, enables chief information security officers (CISOs) and security teams to reduce complexity, increase efficacy in the prevention and detection of ransomware, and speed incident triage, investigation and response.
Learn more about the Fortinet Security Fabric in the Fortinet Booth at RSA 2023
Fortinet is a platinum sponsor at this year’s RSA Conference and will be showcasing live demonstrations of its Security Fabric and cybersecurity solutions at booth #5863. Stop by the booth for a range of interactive discussions on how to protect your business from ransomware and learn more about Fortinet and its presentations at RSA in this blog post.
- The survey was conducted among 569 cybersecurity leaders from 31 different locations around the world, including the United States, United Kingdom, France, India, and Japan, among others.
- Survey respondents came from a range of industries, such as manufacturing (29 per cent), technology (19 per cent), transportation (12 per cent) and healthcare (11 per cent).
- Read the blog for key takeaways from Fortinet’s 2023 Global Ransomware Report, including a breakdown on how ransomware has impacted regions across the globe.
- Learn more about how the Fortinet Security Fabric brings end-to-end security to organisations of all sizes to prevent ransomware across all points of entry.
- Learn about Fortinet’s free cybersecurity training, which includes broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) certification, Academic Partner, and Education Outreach programs.
- Learn more about FortiGuard Labs threat intelligence and research and outbreak alerts, which provide timely steps to mitigate breaking cybersecurity attacks.
- Learn more about Fortinet’s FortiGuard Security Services portfolio.
- Read about how Fortinet customers are securing their organisations.
- Follow Fortinet on Twitter, LinkedIn, Facebook
, and Instagram. Subscribe to Fortinet on our blog or YouTube.
Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet’s solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. FortiGuard Labs, Fortinet’s elite threat intelligence and research organisation, develops and utilises leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet blog, and FortiGuard Labs.
Copyright © 2023 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet’s trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiOS, FortiGuard, FortiCare, FortiAnalyzer, FortiManager, FortiASIC, FortiClient, FortiCloud, FortiMail, FortiSandbox, FortiADC, FortiAI, FortiAIOps, FortiAntenna, FortiAP, FortiAPCam, FortiAuthenticator, FortiCache, FortiCall, FortiCam, FortiCamera, FortiCarrier, FortiCASB, FortiCentral, FortiConnect, FortiController, FortiConverter, FortiCWP, FortiDB, FortiDDoS, FortiDeceptor, FortiDeploy, FortiDevSec, FortiEdge, FortiEDR, FortiExplorer, FortiExtender, FortiFirewall, FortiFone, FortiGSLB, FortiHypervisor, FortiInsight, FortiIsolator, FortiLAN, FortiLink, FortiMoM, FortiMonitor, FortiNAC, FortiNDR, FortiPenTest, FortiPhish, FortiPlanner, FortiPolicy, FortiPortal, FortiPresence, FortiProxy, FortiRecon, FortiRecorder, FortiSASE, FortiSDNConnector, FortiSIEM, FortiSMS, FortiSOAR, FortiSwitch, FortiTester, FortiToken, FortiTrust, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLM and FortiXDR. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments.