Ransomware takes backseat to data theft for IT pros

Plus, almost 90 percent of security pros see increase in security alerts over past 12 months, says MSSP research.

Posted 12 September 2023 by Christine Horton

Despite ransomware making headlines globally, most IT pros are more concerned about data theft within their organisation.

Research by managed security service provider (MSSP) Integrity360 shows that more than half of IT security decision makers cite data theft as the biggest concern, with ransomware taking third place (29 percent) after phishing (35 percent).

Additionally, CIOs (30 percent) and CTOs (33 percent) ranked APTs (advanced persistent threats) and targeted attacks as a bigger concern than ransomware (28 percent, 33 percent). Inegrity360 maintained that as APTs are generally established to deliver objectives with national-level implications such as espionage or destruction of infrastructure, it’s no surprise that as the threats continue to mount, “the emphasis on ransomware, whilst still an ongoing concern, is lessoning relative to other threats.”

Furthermore, APTs and targeted attacks were cited by almost 20 percent of respondents as the fourth most frequent cybersecurity incident, ahead of ransomware (15 percent) which was ranked amongst one of the least common incident being seen by businesses.

Data theft (27 percent) was the second most common cybersecurity incident being seen within businesses, topped only by phishing (46 percent). This correlates with the mounting concerns around data theft and the increasing need to protect sensitive data which emerged as the top cybersecurity challenge keeping professionals awake at night (48 percent). This was closely followed by managing risk and compliance (28 percent) and defending identities (26 percent).

The research was highlighted at the opening of Integrity360’s latest Secure Operations Centre (SOC) in Dublin (pictured).

Underutilised and overlapping tools

“IT environments have become increasingly complex with many enterprises now employing multicloud strategies and multiple products, which can leave gaps in security, and see businesses paying for underutilised and overlapping tools unnecessarily,” said Brian Martin, head of product development, innovation and strategy at Integrity360. “Consolidation of cybersecurity architectures can strengthen risk posture, reduce the number of tools and vendors in place, eliminating silos, reducing costs and improving overall security posture.”

Of the 205 IT security decision makers surveyed, 89 percent reported an increase in the volume of security alerts over the past 12 months, with 76 percent reporting and increase of between 1-50 percent of alerts. Twenty six percent of those reported a 26-50 percent increase in alerts, highlighting the mounting pressure on security teams and the incessant threats that businesses are facing.

Challenges in incident response

The research also uncovered challenges in incident response, shedding light on budgetary constraints in cybersecurity. Insufficient budgets (31 percent) were highlighted as the top challenge for effectively responding to incidents, followed by the complexity of incidents (27 percent) and lack of board-level understanding of incident response (27 percent).  A shortage of incident response skills, experience and tools (38 percent) are also seen as being significant hurdles.

“Insufficient budgets can leave organisations vulnerable to attack. Businesses need to prioritise cybersecurity spend to avoid the financial and reputational ramifications that will often outweigh any initial investment in cybersecurity tools and processes. Likewise, being able to respond quickly is vital in the wake of a cybersecurity incident and investing in IR services, training and expertise can make all the difference when responding to a breach or serious incident,” said Martin.