Home > News > Top Stories > Ransomware Study: Two Thirds of Security Professionals Believe Ransomware and Terrorism Threats are Equal

Security

Ransomware Study: Two Thirds of Security Professionals Believe Ransomware and Terrorism Threats are Equal

Venafi, the inventor and leading provider of machine identity management, announced the findings of a global survey of more than 1,500 IT security decision makers that reveals that almost two-thirds (60%) of security almost two-thirds (60%) believe ransomware threats should be prioritized at the same level as terrorism. These opinions echo the U.S. Department of Justice, which raised the threat level of ransomware following the Colonial Pipeline attack earlier this year. The study also found that less than one-third of respondents have implemented basic security controls that break the ransomware kill chain.

Other key findings include:

  • Over two thirds (67%) of respondents from organizations with more than 500 employees experienced a ransomware attack over the last 12 months—a figure that rises to 80% for respondents from organizations with 3,000-4,999 employees.
  • Over a third (37%) of respondents would pay the ransom but more than half of these (57%) would reverse that decision if they had to publicly report the payment, as required by the Ransomware Disclosure Act, a U.S. Senate bill that would require companies to report ransomware payments within 48 hours.
  • Despite the rising number of ransomware attacks, more than three-quarters (77%) say they are confident the tools they have in place will protect them from ransomware attacks. Australian IT decision makers have the most confidence in their tools (88%), compared with 71% in the U.S. and 70% in Germany.
  • Twenty two percent believe paying a ransom to be “morally wrong.”
  • Seventeen percent of those breached admitted they paid the ransom, with U.S. respondents paying most often (25%) and Australian companies paying least often (9%).

The fact that most IT security professionals consider terrorism and ransomware to be comparable threats tells you everything you need to know; these attacks are indiscriminate, debilitating and embarrassing. Unfortunately, our research shows that while most organizations are extremely concerned about ransomware, they also have a false sense of security about their ability to prevent these devastating attacks. Too many organizations say they rely on traditional security controls like VPNs and vulnerability scanning instead of modern security controls, like code signing that are built-in to security and development processes.”

Kevin Bocek, Vice President ecosystem and threat intelligence at Venafi

The study shows that most organizations are not using security controls that break the ransomware kill chain early in the attack cycle. Many ransomware attacks start with phishing emails that include a malicious attachment—but just 21% restrict the execution of all macros within Microsoft Office documents. Less than a fifth (18%) of companies restrict the use of PowerShell using group policy, and only 28% require all software to be digitally signed by their organization before employees are allowed to execute it.

About the research
Conducted by Sapio Research, Venafi’s survey evacuated the opinions of 1,506 IT security officers across the U.K., Australia, France, Germany, Benelux and the U.S.

About Venafi
Venafi is the cybersecurity market leader in machine identity management, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, SSH, code signing, mobile and IoT. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise—on premises, mobile, virtual, cloud and IoT—at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.

With over 30 patents, Venafi delivers innovative solutions for the world's most demanding, security-conscious Global 5000 organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the top four accounting and consulting firms; four of the top five U.S. retailers; and the top four banks in each of the following countries: the U.S., the U.K., Australia and South Africa.

Spotlight

More featured news

Spotlight

Related News

Backup and Disaster Recovery

Pure Storage Simplifies Data Resilience and Enables an Enhanced Service Operations Experience For Enterprises Everywhere

PR Newswire | October 12, 2023

Pure Storage® the IT pioneer that delivers the world's most advanced data storage technology and services, announced critical new data resilience offerings, including the introduction of Pure Protect™//DRaaS, a unique Disaster Recovery as a Service (DRaaS) solution, new energy efficiency guarantees for its Evergreen® portfolio, and scalable AI-powered storage services via its Pure1® management platform to global enterprises. With the introduction of consumption-based disaster recovery via Pure Protect, a unique data resilience scoring system via Pure1, and updates to Evergreen subscriptions that include a new Paid Power and Rack commitment, Pure Storage enables enterprises to adopt a complete, end-to-end storage strategy that assures data resilience, reduces labor costs, accelerates sustainability initiatives, and delivers unrivaled TCO benefits. Industry Significance The rate of devastating ransomware attacks and the increasing frequency of natural disasters are upending business continuity more often each day. While many organizations recognize the importance of a disaster recovery (DR) plan, current DR solutions on the market are complex, expensive, and disruptive. Likewise, the current energy crisis, new environmental regulations, and ethical imperatives to improve corporate sustainability have led companies to set ambitious net-zero goals, but reckoning with the typical data center's power demands has remained challenging. And with digitization at scale and data proliferation and fragmentation, end-to-end operations management further aggravates the skill and budget shortages for IT. Today's introduction of Pure Protect //DRaaS and updates to the Pure Storage Evergreen portfolio not only address these critical industry pain points, but also set new milestones for customer-centricity with compelling guarantees. News Highlights Assured Data Resilience: Pure Storage enables enterprises everywhere to maximize data protection with a complete, multi-layered data resilience strategy built from the ground up. With intrinsic data protection built into its Evergreen architecture via ActiveDR™, ActiveCluster™, and SafeMode™ Snapshot capabilities, Pure Storage has now expanded data resilience with new trusted operations capabilities and a new disaster recovery service: Pure Protect //DRaaS, a new consumption-based Disaster Recovery as-a-Service solution, drastically reduces complexity, cost, recovery time, and business disruption in the wake of disasters and cyber disruptions. Organizations now have clean environments with multiple restore points to recover clean copies of their on-premises vSphere data, to native AWS EC2, no matter what underlying storage infrastructure it is, while ensuring data centers remain isolated for investigation. Data Resilience Score, within the Pure1 Data Protection Assessment, underscores Pure Storage's trusted operations by providing better transparency in the adoption of Pure Storage and industry-leading data protection and backup partner technologies, while offering the ability to assess entire fleet configurations against leading practices. Zero Data Loss Guarantee, across the Evergreen portfolio, provides peace of mind that customers data will not be lost due to Pure Storage hardware or software issues. In the rare case of any data corruption, Pure Storage assures data protection with advanced data recovery services for any hardware or software product-related incidents, at no cost. Enhanced Service Experience, Everywhere: With Pure Storage's AI-powered asset and lifecycle management services and policy-based automation, customers can achieve operational excellence, anywhere and on any scale. Asset Management and Genealogy allows customers and Pure Storage to jointly optimize Labor costs to run and operate storage. Customers get full transparency to manage Evergreen assets, contracts, subscriptions, and lifecycle, and get visibility into capacity, energy, and rack space usage. Customers can also view how each asset or subscription has evolved over time, including software updates, ramps, expansions, and renewals, and gain insight into upcoming lifecycle events such as EOL, upgrades, or contract expiration. Subscription Lifecycle Operations: Customers now benefit from a subscription viewer to understand when subscriptions require attention and renewal, predictive tracking of capacity utilization with actionable alerts to optimize reserve commit vs on-demand consumption, and new SLA indicators to track how well Pure Storage is meeting performance and efficiency SLAs. Customers can plan for future demand, trigger in-app workflows to request quotes, or use the new Pure1 Marketplace for a simplified subscription shopping experience. Partners can take advantage of these capabilities via APIs and early notifications of lifecycle events (EOL, renewal) to deliver seamless procurement experiences to joint customers. Policy-driven Upgrades take the guesswork out of choosing the right Purity release and simplify fleet management. They help customers strike the right balance between frequent upgrades and maintaining a secure and supported storage environment based on their organization's goals. Pure1 Mobile App enables customers to get insights and alerts even on the go as well as manage cases and get the latest information and news from Pure anywhere in the world. Guaranteed Energy Efficiency While Saving Money: With the only Paid Power and Rack Space commitment in the enterprise Storage as-a-Service market, and unique energy, density, and upgrade guarantees, Pure Storage is not only committed to providing the most sustainable storage solutions in the industry, but is also determined to make being green easier and more affordable for global customers. About Pure Storage Pure Storage uncomplicates data storage, forever. Pure delivers a cloud experience that empowers every organization to get the most from their data while reducing the complexity and expense of managing the infrastructure behind it. Pure's commitment to providing true storage as-a-service gives customers the agility to meet changing data needs at speed and scale, whether they are deploying traditional workloads, modern applications, containers, or more. Pure believes it can make a significant impact in reducing data center emissions worldwide through its environmental sustainability efforts, including designing products and solutions that enable customers to reduce their carbon and energy footprint. And with the highest Net Promoter Score in the industry, Pure's ever-expanding list of customers are among the happiest in the world.

Read More

Backup and Disaster Recovery

GRAX Introduces Free Data Backup and Recovery Service for Salesforce

businesswire | September 12, 2023

GRAX, Inc., a leading innovator in Salesforce data management and protection, announces the general availability of GRAX Lite for free Salesforce backup and recovery. GRAX Lite is a game-changing free solution that enables businesses to prevent data loss by safeguarding their Salesforce data. GRAX Lite addresses a critical need in the SaaS data protection market by offering comprehensive free backup software. In an era marked by escalating cyber threats and stringent compliance regulations, GRAX Lite arms businesses with a powerful tool to shield their vital Salesforce data. Built on the principle of data ownership, GRAX Lite gives Salesforce users the power to take back that ownership and control of their valuable Salesforce data with a couple of clicks. "At GRAX, we have always believed that data protection is an unassailable right," said Joe Gaska, Head of Product at GRAX. "With the launch of GRAX Lite, we are breaking down barriers and providing businesses with the tools they need to secure their mission-critical Salesforce data so that they can focus on growing their business." Key capabilities of GRAX Lite for Salesforce Backup and Recovery Effortless Backup and Recovery: GRAX Lite simplifies the backup process allowing users to protect and easily restore their Salesforce data with just a couple of clicks. 100% Data Ownership: GRAX Lite empowers users to retain full ownership of their data by enabling backups into the customer-owned storage service – Amazon Web Services (AWS) or Azure cloud storage environments. Maintain Your Digital Chain of Custody: With GRAX, users retain full control over their data’s Digital Chain of Custody – GRAX runs entirely in the customer-owned cloud. Unlimited backup storage: GRAX Lite enables users to capture all of their data into their cloud of choice, where users can leverage their existing cloud agreements. Daily Automated Backups: Users gain peace of mind with automated incremental backups of Salesforce data, including files and attachments, ensuring no critical information is lost. Granular Control: Swiftly restore individual records, making it simple to bring back data quickly when you need it. User-Friendly Interface: The user-centric design of GRAX ensures that any user can navigate and deploy free Salesforce data protection from the GRAX Platform with ease. GRAX Lite is a testament to GRAX's commitment to data sovereignty and data governance. By providing a free and user-friendly solution for Salesforce backup and recovery, GRAX Lite empowers organizations to take back ownership of their data assets, create a comprehensive backup strategy, and focus on driving business growth. About GRAX GRAX helps organizations adapt faster by making it easier to get strategic value out of their historical SaaS application data. Customers can fully own, access, and reuse all versions of their cloud application data anywhere, anytime by simply backing up or archiving it to their own cloud environment and seamlessly pushing it into their data ecosystem. GRAX delivers unparalleled SaaS data backup, archive, recovery, and reuse functionality in a fully integrated solution, helping leading organizations improve business continuity, regulatory compliance, customer retention, and revenue growth.

Read More

Backup and Disaster Recovery

In an Era of Escalating Cyber Threats, Commvault and Lenovo Simplify Enterprise Data Protection and Speed Recovery in the Hybrid Cloud

PR Newswire | October 17, 2023

Commvault®, an enterprise data protection leader for global businesses, announced new highly reliable backup and recovery solutions for enterprise organizations, powered by Lenovo technology. Paired with Lenovo's award-winning hardware systems, Commvault is delivering simplicity to IT teams with data protection and management from a single view, while giving CIOs flexibility, reliability, and blazing performance at immense scale with better TCO and faster time to value. "Innovation through collaboration has always been at the heart of Commvault. Partnering with Lenovo propels us further into a future where enterprises can safely say their data is secured, protected, and recoverable," said Alan Atkinson, Chief Partner Officer, Commvault. "This partnership stands as a testament to both companies' commitment to supporting global enterprises in navigating the multifaceted challenges posed by today's data-driven business landscape." "As we continue to operate in such a fast-paced and data-driven business environment, ensuring the safety, accessibility, and recoverability of critical business data has never been more important. It is for this exact reason that Commvault and Lenovo have come together to deliver highly reliable backup and recovery solutions for enterprise organizations," said Brian Connors, Vice President and General Manager, Software & Business Development, Lenovo. Commvault software is recognized for its unmatched depth in cloud-native integrations, supporting an array of applications, databases, and infrastructures. For the 12th consecutive year, Gartner positioned Commvault as a Leader in the Gartner® Magic Quadrant™ for Enterprise Backup and Recovery Software Solutions. Commvault also ranked highest in six out of seven use cases in the 2023 Gartner® Critical Capabilities for Enterprise Backup and Recovery Software Solutions. About Commvault Commvault is a global leader in cloud data protection. Our industry-leading platform redefines the next generation of data protection as the only solution with comprehensive data protection, proactive data defense, advanced ransomware protection, and a single view across all your data. This lets you secure, defend, and recover your data, applications, and production workloads – on-premises, in the cloud, over SaaS, or spread across hybrid and multi-cloud environments. The result is early warning of attacks, active defense to reduce the impact of intrusion, and rapid, accurate recovery of your data. Simply put, Commvault is data, protected.

Read More

Backup and Disaster Recovery

Pure Storage Simplifies Data Resilience and Enables an Enhanced Service Operations Experience For Enterprises Everywhere

PR Newswire | October 12, 2023

Pure Storage® the IT pioneer that delivers the world's most advanced data storage technology and services, announced critical new data resilience offerings, including the introduction of Pure Protect™//DRaaS, a unique Disaster Recovery as a Service (DRaaS) solution, new energy efficiency guarantees for its Evergreen® portfolio, and scalable AI-powered storage services via its Pure1® management platform to global enterprises. With the introduction of consumption-based disaster recovery via Pure Protect, a unique data resilience scoring system via Pure1, and updates to Evergreen subscriptions that include a new Paid Power and Rack commitment, Pure Storage enables enterprises to adopt a complete, end-to-end storage strategy that assures data resilience, reduces labor costs, accelerates sustainability initiatives, and delivers unrivaled TCO benefits. Industry Significance The rate of devastating ransomware attacks and the increasing frequency of natural disasters are upending business continuity more often each day. While many organizations recognize the importance of a disaster recovery (DR) plan, current DR solutions on the market are complex, expensive, and disruptive. Likewise, the current energy crisis, new environmental regulations, and ethical imperatives to improve corporate sustainability have led companies to set ambitious net-zero goals, but reckoning with the typical data center's power demands has remained challenging. And with digitization at scale and data proliferation and fragmentation, end-to-end operations management further aggravates the skill and budget shortages for IT. Today's introduction of Pure Protect //DRaaS and updates to the Pure Storage Evergreen portfolio not only address these critical industry pain points, but also set new milestones for customer-centricity with compelling guarantees. News Highlights Assured Data Resilience: Pure Storage enables enterprises everywhere to maximize data protection with a complete, multi-layered data resilience strategy built from the ground up. With intrinsic data protection built into its Evergreen architecture via ActiveDR™, ActiveCluster™, and SafeMode™ Snapshot capabilities, Pure Storage has now expanded data resilience with new trusted operations capabilities and a new disaster recovery service: Pure Protect //DRaaS, a new consumption-based Disaster Recovery as-a-Service solution, drastically reduces complexity, cost, recovery time, and business disruption in the wake of disasters and cyber disruptions. Organizations now have clean environments with multiple restore points to recover clean copies of their on-premises vSphere data, to native AWS EC2, no matter what underlying storage infrastructure it is, while ensuring data centers remain isolated for investigation. Data Resilience Score, within the Pure1 Data Protection Assessment, underscores Pure Storage's trusted operations by providing better transparency in the adoption of Pure Storage and industry-leading data protection and backup partner technologies, while offering the ability to assess entire fleet configurations against leading practices. Zero Data Loss Guarantee, across the Evergreen portfolio, provides peace of mind that customers data will not be lost due to Pure Storage hardware or software issues. In the rare case of any data corruption, Pure Storage assures data protection with advanced data recovery services for any hardware or software product-related incidents, at no cost. Enhanced Service Experience, Everywhere: With Pure Storage's AI-powered asset and lifecycle management services and policy-based automation, customers can achieve operational excellence, anywhere and on any scale. Asset Management and Genealogy allows customers and Pure Storage to jointly optimize Labor costs to run and operate storage. Customers get full transparency to manage Evergreen assets, contracts, subscriptions, and lifecycle, and get visibility into capacity, energy, and rack space usage. Customers can also view how each asset or subscription has evolved over time, including software updates, ramps, expansions, and renewals, and gain insight into upcoming lifecycle events such as EOL, upgrades, or contract expiration. Subscription Lifecycle Operations: Customers now benefit from a subscription viewer to understand when subscriptions require attention and renewal, predictive tracking of capacity utilization with actionable alerts to optimize reserve commit vs on-demand consumption, and new SLA indicators to track how well Pure Storage is meeting performance and efficiency SLAs. Customers can plan for future demand, trigger in-app workflows to request quotes, or use the new Pure1 Marketplace for a simplified subscription shopping experience. Partners can take advantage of these capabilities via APIs and early notifications of lifecycle events (EOL, renewal) to deliver seamless procurement experiences to joint customers. Policy-driven Upgrades take the guesswork out of choosing the right Purity release and simplify fleet management. They help customers strike the right balance between frequent upgrades and maintaining a secure and supported storage environment based on their organization's goals. Pure1 Mobile App enables customers to get insights and alerts even on the go as well as manage cases and get the latest information and news from Pure anywhere in the world. Guaranteed Energy Efficiency While Saving Money: With the only Paid Power and Rack Space commitment in the enterprise Storage as-a-Service market, and unique energy, density, and upgrade guarantees, Pure Storage is not only committed to providing the most sustainable storage solutions in the industry, but is also determined to make being green easier and more affordable for global customers. About Pure Storage Pure Storage uncomplicates data storage, forever. Pure delivers a cloud experience that empowers every organization to get the most from their data while reducing the complexity and expense of managing the infrastructure behind it. Pure's commitment to providing true storage as-a-service gives customers the agility to meet changing data needs at speed and scale, whether they are deploying traditional workloads, modern applications, containers, or more. Pure believes it can make a significant impact in reducing data center emissions worldwide through its environmental sustainability efforts, including designing products and solutions that enable customers to reduce their carbon and energy footprint. And with the highest Net Promoter Score in the industry, Pure's ever-expanding list of customers are among the happiest in the world.

Read More

Backup and Disaster Recovery

GRAX Introduces Free Data Backup and Recovery Service for Salesforce

businesswire | September 12, 2023

GRAX, Inc., a leading innovator in Salesforce data management and protection, announces the general availability of GRAX Lite for free Salesforce backup and recovery. GRAX Lite is a game-changing free solution that enables businesses to prevent data loss by safeguarding their Salesforce data. GRAX Lite addresses a critical need in the SaaS data protection market by offering comprehensive free backup software. In an era marked by escalating cyber threats and stringent compliance regulations, GRAX Lite arms businesses with a powerful tool to shield their vital Salesforce data. Built on the principle of data ownership, GRAX Lite gives Salesforce users the power to take back that ownership and control of their valuable Salesforce data with a couple of clicks. "At GRAX, we have always believed that data protection is an unassailable right," said Joe Gaska, Head of Product at GRAX. "With the launch of GRAX Lite, we are breaking down barriers and providing businesses with the tools they need to secure their mission-critical Salesforce data so that they can focus on growing their business." Key capabilities of GRAX Lite for Salesforce Backup and Recovery Effortless Backup and Recovery: GRAX Lite simplifies the backup process allowing users to protect and easily restore their Salesforce data with just a couple of clicks. 100% Data Ownership: GRAX Lite empowers users to retain full ownership of their data by enabling backups into the customer-owned storage service – Amazon Web Services (AWS) or Azure cloud storage environments. Maintain Your Digital Chain of Custody: With GRAX, users retain full control over their data’s Digital Chain of Custody – GRAX runs entirely in the customer-owned cloud. Unlimited backup storage: GRAX Lite enables users to capture all of their data into their cloud of choice, where users can leverage their existing cloud agreements. Daily Automated Backups: Users gain peace of mind with automated incremental backups of Salesforce data, including files and attachments, ensuring no critical information is lost. Granular Control: Swiftly restore individual records, making it simple to bring back data quickly when you need it. User-Friendly Interface: The user-centric design of GRAX ensures that any user can navigate and deploy free Salesforce data protection from the GRAX Platform with ease. GRAX Lite is a testament to GRAX's commitment to data sovereignty and data governance. By providing a free and user-friendly solution for Salesforce backup and recovery, GRAX Lite empowers organizations to take back ownership of their data assets, create a comprehensive backup strategy, and focus on driving business growth. About GRAX GRAX helps organizations adapt faster by making it easier to get strategic value out of their historical SaaS application data. Customers can fully own, access, and reuse all versions of their cloud application data anywhere, anytime by simply backing up or archiving it to their own cloud environment and seamlessly pushing it into their data ecosystem. GRAX delivers unparalleled SaaS data backup, archive, recovery, and reuse functionality in a fully integrated solution, helping leading organizations improve business continuity, regulatory compliance, customer retention, and revenue growth.

Read More

Backup and Disaster Recovery

In an Era of Escalating Cyber Threats, Commvault and Lenovo Simplify Enterprise Data Protection and Speed Recovery in the Hybrid Cloud

PR Newswire | October 17, 2023

Commvault®, an enterprise data protection leader for global businesses, announced new highly reliable backup and recovery solutions for enterprise organizations, powered by Lenovo technology. Paired with Lenovo's award-winning hardware systems, Commvault is delivering simplicity to IT teams with data protection and management from a single view, while giving CIOs flexibility, reliability, and blazing performance at immense scale with better TCO and faster time to value. "Innovation through collaboration has always been at the heart of Commvault. Partnering with Lenovo propels us further into a future where enterprises can safely say their data is secured, protected, and recoverable," said Alan Atkinson, Chief Partner Officer, Commvault. "This partnership stands as a testament to both companies' commitment to supporting global enterprises in navigating the multifaceted challenges posed by today's data-driven business landscape." "As we continue to operate in such a fast-paced and data-driven business environment, ensuring the safety, accessibility, and recoverability of critical business data has never been more important. It is for this exact reason that Commvault and Lenovo have come together to deliver highly reliable backup and recovery solutions for enterprise organizations," said Brian Connors, Vice President and General Manager, Software & Business Development, Lenovo. Commvault software is recognized for its unmatched depth in cloud-native integrations, supporting an array of applications, databases, and infrastructures. For the 12th consecutive year, Gartner positioned Commvault as a Leader in the Gartner® Magic Quadrant™ for Enterprise Backup and Recovery Software Solutions. Commvault also ranked highest in six out of seven use cases in the 2023 Gartner® Critical Capabilities for Enterprise Backup and Recovery Software Solutions. About Commvault Commvault is a global leader in cloud data protection. Our industry-leading platform redefines the next generation of data protection as the only solution with comprehensive data protection, proactive data defense, advanced ransomware protection, and a single view across all your data. This lets you secure, defend, and recover your data, applications, and production workloads – on-premises, in the cloud, over SaaS, or spread across hybrid and multi-cloud environments. The result is early warning of attacks, active defense to reduce the impact of intrusion, and rapid, accurate recovery of your data. Simply put, Commvault is data, protected.

Read More

More featured news