Cybereason, the leader in operation-centric attack protection, published a global study of 1,200+ security professionals at organizations that have previously suffered a successful ransomware attack on a holiday or weekend. The study highlights the disconnect between organizational risk and preparedness.
The report, titled Organizations at Risk: Ransomware Attackers Don’t Take Holidays, found that the vast majority of security professionals in the UAE (93%) expressed high concern about imminent ransomware attacks. In spite of this concern, there seems to be a disconnect between the risk ransomware poses to organizations during these off-hour periods and their preparedness — in terms of personnel and technology — to respond, moving into the holiday season.
The Human Element
An indicator of the disconnect between the perceived risk and preparedness is that 39% of respondents in the UAE attributed the previous successful holiday ransomware attack to not having the right cybersecurity coverage plan or because the company was only operating a skeleton crew.
This has unfortunately meant that often times cybersecurity professionals have had to put off personal engagements and weekend plans in order to respond to the attacks — 90% of UAE respondents indicated they have missed a holiday or weekend activity because of a ransomware attack.
Technology Issues
On the technology front, 65% of UAE respondents (16% higher than the global average) said a ransomware attack against their organization was successful because they did not have the right security solutions in place. Most concerning was the fact that just 44% reported having an Endpoint Detection and Response (EDR) solution in place. As EDR is a foundational building block of a robust cybersecurity posture, this is particularly alarming.
Organizational Impact
This lack of preparedness for ransomware attacks on weekends and holidays has a significant impact on victim organizations, with 60% of UAE respondents saying it resulted in longer periods to assess the scope of an attack, 58% reporting they required more time to mount an effective response and 46% indicating they required a longer period to fully recover from the attack.
Interestingly, 23% of UAE respondents (twice the global average) reported their organizations suffered revenue losses as a direct result. This research validates the assumption that it takes longer to assess, mitigate, remediate and recover from a ransomware attack over a holiday or weekend.
“Ransomware attackers don’t take time off for holidays. The most disruptive ransomware attacks in 2021 have occurred over weekends and during major holidays when attackers know they have the advantage over targeted organizations,” said Chief Executive Officer and Co-founder of Cybereason, Lior Div. “This research proves out the fact that organizations are not adequately prepared and need to take additional steps to assure they have the right people, processes and technologies in place so they can effectively respond to ransomware attacks and protect their critical assets.”
Learning from past mistakes
There are some positives to be taken away from the research — findings indicate that UAE organizations have acknowledged the need to enhance their cybersecurity defense and ensure they have the right technology, resources and strategy in place to avoid being hit by an attack during the upcoming holiday season. 77% of respondents stated that their organizations would be adding new technology, 60% are building a more robust contingency plan and 50% planning to increase cybersecurity staff cover over the holidays.