30% Of Business Leaders Would Pay Ransom

The recently released  Risk: Value Report 2019, by NTT Security, examined the attitudes of more than 2,200 non-IT decision makers to risk and value of cybersecurity to the business across 20 countries. 

The findings revealed cyber-security threats are at the top of the agenda for business leaders, with cyber-attacks (43%) on the top, followed by data loss or theft (37%), and attacks on critical infrastructure (35%). 

Respondents had stated that these cybersecurity issues could affect their organisation in the next 12 months, and thus impacting the organisation more likely than other global issues such as terrorism and government failure. 

It is evident that organisations want to address cybersecurity concerns, with respondents stating that strong information and protecting data integrity were important to 84% and 85% of businesses respectively. With 88% of respondents citing that strong cybersecurity measures would benefit their organisation. 

Amongst the findings it was identified that organisations report that their critical data is no more secure than it was last year, with 48% of all organisations stating that their critical data is secure, whist only 45% have secured all of their organisation’s data. 

Only 58% of organisations have a formal security policy, out of which, 48% stated that employees were fully aware of the policy, with just 28% who fully-understood the policies. 

The Report Conclusions
“The regulatory landscape, particularly regarding the privacy of personally identifiable information, has changed considerably in the last few years, but many businesses are not keeping pace with these changes.”

  • Only 30% of companies think GDPR affects them, with 83% of organisations feeling that compliance is important, however 13% are unaware as to what regulations their organisations are subject to. 
  • In regards to ransomware, 33% of organisations would consider paying a ransom to an attacker instead of investing in cybersecurity, as they believe it is cheaper. 

It was also identified that 36% would rather pay a ransom than get a fine for non-compliance, thus indicating a clear fear about the potential consequences of being non-compliant, but also “indicates a lack of confidence in the ability of some organizations to deal with important regulatory issues”. 

Azeem Aleem, VP Consulting, NTT Security said:

“The Risk: Value report is an interesting barometer based on responses from those sitting outside of the IT function – and is often very revealing. What’s clear is that the world around them is changing, and changing fast, with the introduction of new regulations, integration of new technologies and fast-paced digital transformation projects changing the way we work. 

“What’s concerning though is that organisations seem to have come to a standstill in their journey to cybersecurity best practice, and it’s particularly worrying to see UK businesses falling behind in some critical areas like incident response planning.

“Decision makers clearly see security as an enabler; something that can help the business and society in general. But while awareness of cyber risks is high, organisations still lack the ability, or perhaps the will, to manage them effectively. The execution of cybersecurity strategies must improve or business risk will escalate for the organisations concerned.”

PrivSec Report

You Might Also Read:

Florida Municipality Suffers Cyber Extortion:

SamSam: $6 million Ransomware:

 

« Malboard Exploit Mimics A User’s Keystrokes
Iran’s Cyber Threat to Germany »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

mile2

mile2

Mile2 develop and deliver proprietary vendor neutral professional certifications for the cyber security industry.

OCERT

OCERT

OCERT is the National Computer Emergency Response Team of Oman.

Cloud53

Cloud53

Cloud53 specialise in improving operational IT through strategic use of Cloud technologies and services.

Cognizant

Cognizant

Cognizant offer services and solutions for IT Infrastructure Security, Enterprise Mobility and Internet of Things.

Secure Source

Secure Source

Secure Source specialise in search and recruitment for Cyber Security and Security Cleared markets.

Wilson Sonsini Goodrich & Rosati (WSGR)

Wilson Sonsini Goodrich & Rosati (WSGR)

WSGR is the premier provider of legal services to technology, life sciences, and growth enterprises worldwide. Practice areas include cybersecurity and data protection.

National Security Agency (NSA)

National Security Agency (NSA)

NSA is a US intel agency responsible for the protection of government communications and information systems against penetration and network warfare.

National Information Technology Development Agency (NITDA) - Nigeria

National Information Technology Development Agency (NITDA) - Nigeria

The National Information Technology Development Agency (NITDA) is committed to implementing the Nigerian National Information Technology Policy.

Luxembourg Office of Accreditation & Surveillance (OLAS)

Luxembourg Office of Accreditation & Surveillance (OLAS)

OLAS is the national accreditation body for Luxembourg. The directory of members provides details of organisations offering certification services for ISO 27001.

Sigma IT

Sigma IT

SIGMA IT is one of the largest IT services organizations in EMEA region providing a full range of solutions and services including cybersecurity, data protection and business continuity.

BLOCKO

BLOCKO

BLOCKO is a blockchain specialized technology company that has experienced and achieved the largest amount of business in South Korea.

Microland

Microland

Microland’s delivery of digital is all about making technology do more and intrude less for global enterprises. Our services include Cloud & Data Center, Networks, Cybersecurity and more.

Alcon Maddox

Alcon Maddox

Alcon Maddox is a niche recruitment and executive search firm specialised in sourcing exceptional Cyber Security sales and commercial leadership talent. Serving clients across the Middle East & Europe

Trapp Technology

Trapp Technology

Trapp Technology combines the very best cloud, Internet, IT managed services, and IT consulting to provide a true all-in-one IT solution for small to mid-sized businesses.

Teleskope

Teleskope

Teleskope are on a mission to empower businesses to protect sensitive data by default.

DuckDuckGoose

DuckDuckGoose

DuckDuckGoose offer advanced solutions to protect against manipulated videos, images, voices and texts.