1 minute read
CYBER RISK IS BUSINESS RISK
Mimecast, has released its latest State of Ransomware Readiness 2 report, revealing that ransomware has become a primary threat to organisations worldwide, with Middle Eastern companies not spared from the devastating impact of ransomware attacks.
The report found that 59% of cybersecurity leaders in the UAE have seen the number of cybersecurity attacks increase or stay the same over the past year, with 39% saying they’ve experienced significant downtime due to a ransomware attack.
Mimecast’s State of Ransomware Readiness 2 report is based on insights from 1100 cybersecurity decision-makers in Australia, France, Canada, Germany, the Netherlands, the Nordics, Singapore, South Africa, the UAE, UK and US.
Business and security leaders see ransomware attacks as virtually inevitable. Seventy-five percent of businesses in the UAE reported they experienced a ransomware attack in the past year, ahead of a global average of 64%. The consequences can be devastating: a third of UAE cybersecurity teams have experienced an increase in the number of absences due to burnout following an attack, while 23% have seen changes in the C-suite due to a successful ransomware attack.
The report further found that 44% of UAE organisations have experienced a loss in revenue due to a ransomware attack in the past twelve months. This may partly explain why nearly half, 46% of cybersecurity professionals in the UAE are considering leaving their role in the next two years due to stress or burnout, with 73% of cybersecurity leaders in the region saying their role gets more stressful every year.
The research also found that 94% of global cybersecurity leaders believe more budget is required to combat ransomware, with 24% of UAE organisations seeking an increase of 11% to 20% in their annual cybersecurity budgets.
Cybersecurity leaders need to focus on proactively reducing the chances of a ransomware attack causing disruption. Organisations need integrated security tools to improve threat detection capabilities and relieve pressure on busy security teams. Good fundamental security practices must be in place to reduce vulnerabilities, and security teams need to evaluate crisis planning to understand the real consequences of an attack.
It is also essential that leaders acknowledge that cyber risk is business risk, and not leave the financial and personnel resource burden to only IT teams. ë