For CISOs: Ransomware Gets Personal
Four out of 10 security professionals say their jobs would be on the line in the face of a successful attack, according to a new Mimecast survey on ransomware.
Key Points
- Security professionals show a keen sense of responsibility amid mounting ransomware risk.
- At the same time, many see their jobs threatened by continuing attacks.
- They are asking for — and often getting — bigger budgets for ransomware.
With ransomware on the rise, many security professionals feel less secure in their jobs, according to Mimecast’s new State of Ransomware Readiness 2021 report, conducted by Hanover Research. The global survey surfaced the sentiments of 742 cybersecurity professionals about ransomware, including their sense of personal responsibility, feelings about job security, and hope for more support in the face of mounting risk.
Taking Ransomware Personally
Sixty-three percent of survey respondents said they'd feel very or extremely responsible if their companies suffered a ransomware attack. That may seem self-evident, but the small minority (5%) who would not feel personally responsible also have a case: among them, 35% hold the view that no one can stop all attacks from occurring, itself a consensus view in the industry, and 38% point out that cybercriminals continue to improve their tactics.
Why would most have such a keen sense of responsibility? Because it’s their job, said 60% of respondents. Other answers are more revealing. Forty-eight percent said a successful attack would show that they’d gotten it wrong — that “I underestimated the risk of a ransomware attack.” About one in five (21%) said it would mean “I didn’t communicate the risk level effectively enough to our executive team.” Smaller percentages answered that “I’m not able to keep our systems patched in a timely manner” or that “I didn’t have a disaster recovery/crisis management plan in place.”
Interestingly, the percentage of respondents who said they feel very or extremely responsible varies significantly in different countries, as follows:
- Australia: 72%
- Canada: 54%
- Netherlands: 72%
- Nordic countries: 47%
- United States: 69%
More than half of respondents said they spend more than half of their day protecting their companies against ransomware attempts, of which they experienced an average of about 3,000 over the last two years. The potent combination of persistent threat and personal responsibility can take a toll. In a report by the U.K.'s Chartered Institute of Information Security, titled The Security Profession 2020-2021, just over half of respondents said that job stress keeps them up at night.[1]
Can Ransomware Cost You Your Job?
This question weighs on many security professionals’ minds, with 39% of respondents to the Mimecast survey believing they could lose their jobs as a result of a ransomware attack. Job security is another area in which perceptions vary significantly by country, as follows:
- Australia: 55%
- Canada: 30%
- Germany: 25%
- Netherlands: 45%
- Nordic countries: 36%
- South Africa: 61%
- United Kingdom: 42%
- United States: 36%
Differences in sentiments among the different countries may be influenced by variables including work and organizational cultures,[2] employment laws,[3] national cybersecurity policies[4] and cybercrime patterns.[5]
Optimism in the Face of Risk
For all that’s at stake, the survey shows a high level of optimism about fending off attacks — even where an admitted lack of basic preparation might indicate otherwise. As analyzed in a separate Mimecast blog post, three-quarters of respondents called themselves very or extremely prepared for a ransomware attack, though fewer than half said they have a disaster recovery plan in place.
Broken out by country, the percentage of respondents feeling very or extremely prepared for an attack looks like this:
- Australia: 85%
- Canada: 73%
- Germany: 79%
- Nordic countries: 60%
- South Africa: 67%
- United Kingdom: 74%
- United States: 84%
When a ransomware attack strikes, those surveyed described a range of defensive moves, with the most common being restoration of data using backups (37%). Ultimately, 39% of respondents said their companies paid the ransom, 42% reported disruption to regular operations, and 36% pointed to significant downtime.
Getting Greater Support Against Ransomware
Perhaps fueling CISOs’ optimism, 78% of survey respondents said they have received budget increases to help address ransomware, and another 12% expect to get ransomware allocations next year. They are primarily directing these funds toward employee awareness training (60%) and maintaining backup files (58%).
Still, survey respondents expressed the need for even more resources for a range of ransomware prevention technologies, processes and training. Employee awareness training leads the list, followed by more and better security systems, systems integration, cyber insurance and staffing.
The need for support is underscored in another survey, from the CISOs Connect cybersecurity community, in which 69% say they’ll likely be successfully attacked by ransomware at least once in the coming year.[6] Respondents from midsize companies expressed an even higher likelihood, with 80% anticipating an attack.
The Bottom Line
A new survey from Mimecast asked security professionals questions about their personal feelings amid a ransomware crime wave. The results show a highly responsible group who often feel that their jobs would be on the line if an attack occurred. They also said they need more support to handle the day-to-day pressures and companywide risk.
[1] “The Security Profession 2020-2021,” Chartered Institute of Information Security
[2] “How Corporate Cultures Differ Around the World,” Harvard Business Review
[3] “OECD Indicators of Employment Protection,” Organization for Economic Cooperation and Development
[4] “National Cybersecurity Index,” e-Governance Academy
[5] “Global Cybercrime Report: Which Countries Are Most at Risk?”, Seon
[6] “Paying the Ransom: New Research Finds That Seventy Percent of CISOs Expect to be Impacted by Ransomware in Next 12 Months,” CISOs Connect