30% Of Business Leaders Would Pay Ransom

The recently released  Risk: Value Report 2019, by NTT Security, examined the attitudes of more than 2,200 non-IT decision makers to risk and value of cybersecurity to the business across 20 countries. 

The findings revealed cyber-security threats are at the top of the agenda for business leaders, with cyber-attacks (43%) on the top, followed by data loss or theft (37%), and attacks on critical infrastructure (35%). 

Respondents had stated that these cybersecurity issues could affect their organisation in the next 12 months, and thus impacting the organisation more likely than other global issues such as terrorism and government failure. 

It is evident that organisations want to address cybersecurity concerns, with respondents stating that strong information and protecting data integrity were important to 84% and 85% of businesses respectively. With 88% of respondents citing that strong cybersecurity measures would benefit their organisation. 

Amongst the findings it was identified that organisations report that their critical data is no more secure than it was last year, with 48% of all organisations stating that their critical data is secure, whist only 45% have secured all of their organisation’s data. 

Only 58% of organisations have a formal security policy, out of which, 48% stated that employees were fully aware of the policy, with just 28% who fully-understood the policies. 

The Report Conclusions
“The regulatory landscape, particularly regarding the privacy of personally identifiable information, has changed considerably in the last few years, but many businesses are not keeping pace with these changes.”

  • Only 30% of companies think GDPR affects them, with 83% of organisations feeling that compliance is important, however 13% are unaware as to what regulations their organisations are subject to. 
  • In regards to ransomware, 33% of organisations would consider paying a ransom to an attacker instead of investing in cybersecurity, as they believe it is cheaper. 

It was also identified that 36% would rather pay a ransom than get a fine for non-compliance, thus indicating a clear fear about the potential consequences of being non-compliant, but also “indicates a lack of confidence in the ability of some organizations to deal with important regulatory issues”. 

Azeem Aleem, VP Consulting, NTT Security said:

“The Risk: Value report is an interesting barometer based on responses from those sitting outside of the IT function – and is often very revealing. What’s clear is that the world around them is changing, and changing fast, with the introduction of new regulations, integration of new technologies and fast-paced digital transformation projects changing the way we work. 

“What’s concerning though is that organisations seem to have come to a standstill in their journey to cybersecurity best practice, and it’s particularly worrying to see UK businesses falling behind in some critical areas like incident response planning.

“Decision makers clearly see security as an enabler; something that can help the business and society in general. But while awareness of cyber risks is high, organisations still lack the ability, or perhaps the will, to manage them effectively. The execution of cybersecurity strategies must improve or business risk will escalate for the organisations concerned.”

PrivSec Report

You Might Also Read:

Florida Municipality Suffers Cyber Extortion:

SamSam: $6 million Ransomware:

 

« Malboard Exploit Mimics A User’s Keystrokes
Iran’s Cyber Threat to Germany »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

SecureWorks

SecureWorks

SecureWorks provides intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

XCure Solutions

XCure Solutions

XCure Solutions are a Finnish company specializing in data security, data protection and data recovery.

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU CCIS is a national centre for research, education, testing, training and competence development within the area of cyber and information security.

Swiss Cyber Storm

Swiss Cyber Storm

Swiss Cyber Storm is a non profit organization hosting the international Swiss Cyber Storm Conference and running the Swiss part of the European Cyber Security Challenges.

Me Learning

Me Learning

Me Learning provides engaging, informative and clearly explained learning materials for complex and challenging professional environments in areas including GDPR and Information Governance.

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI) is recognized as Thailand’s leader in cyber investigations and digital forensics.

HUB Security

HUB Security

Hub Security provide Ultra Secure, Military Grade HSM (Hardware Security Module) Solutions for Blockchain and Digital Assets.

BigPanda

BigPanda

BigPanda is the first provider of Autonomous Operations solutions that empower IT Operations at large, complex enterprises.

Sylint

Sylint

Sylint is an internationally recognized cyber security and digital data forensics firm with extensive experience discretely addressing some of today’s biggest cyber breaches.

Grayshift

Grayshift

Grayshift is the leading provider of mobile device digital forensics, specializing in lawful access and extraction.

Dataprise

Dataprise

Dataprise is a leading IT managed services provider offering IT Management and Help Desk Support Services, Cloud Services, Information Security Solution, IT Strategy and Consulting.

Mr Backup (MRB)

Mr Backup (MRB)

MRB offers Data Protection as a Service for businesses looking to reduce the time, cost and complexity of securing your company data.

CySecK

CySecK

CySecK is a Centre of Excellence in Cybersecurity formed in 2017 by the Government of Karnataka, as part of the Technology Innovation Strategy.

Fusion Cyber

Fusion Cyber

Fusion Cyber educates students in Zero Trust Risk Management, Defense, and Cyber Offense that lead to taking industry-accepted cybersecurity certifications.

Apura Cybersecurity Intelligence

Apura Cybersecurity Intelligence

Apura is a Brazilian company that develops advanced products and provides specialized services in information security and cyber defense.

Zally

Zally

Using advanced behavioural biometrics and AI, Zally is the world's answer to next-generation security.