Struggling to recruit and retain skilled cyber security professionals as ransomware attacks multiply, 35 per cent Indian IT managers feel they are significantly behind when it comes to understanding cyber threats, a new survey said on Wednesday.
The survey by cybersecurity firm Sophos revealed that organisations are never the same after being hit by ransomware.
In particular, the confidence of IT managers and their approach to battling cyberattacks differ significantly depending on whether or not their organisation has been attacked by ransomware.
Indian IT managers spent 42 per cent of their time focussing on threat prevention and confessed that 27 per cent of their time is focused on responding to cyber threats.
Nearly 58 per cent Indian businesses admitted that recruiting and retaining skilled cybersecurity professionals is their single biggest challenge when it came to cybersecurity, the findings showed.
Globally, IT managers at organisations hit by ransomware are nearly three times as likely to feel “significantly behind” when it comes to understanding cyberthreats, compared to their peers in organisations that were unaffected.
“The difference in resource priorities could indicate that ransomware victims have more incidents to deal with overall,” said Chester Wisniewski, principal research scientist at Sophos.
“However, it could equally indicate that they are more alert to the complex, multi-stage nature of advanced attacks and, therefore, put greater resources into detecting and responding to the tell-tale signs that an attack is imminent”.
When it comes to security focus, the survey found that ransomware victims spend proportionally less time on threat prevention (42.6 per cent) and more time on response (27 per cent) compared to those who haven’t been hit.
SophosLabs researchers found that the Ryuk ransomware attackers used updated versions of widely available and legitimate tools to compromise a targeted network and deploy ransomware.
“Our investigation of the recent Ryuk ransomware attack highlights what defenders are up against. IT security teams need to be on full alert 24 hours a day, seven days a week and have a full grasp of the latest threat intelligence on attacker tools and behaviors,” said Wisniewski.
“Whatever the reasons, it is clear that when it comes to security, an organization is never the same again after being hit by ransomware,” he added.