Dubai, United Arab Emirates – Cybereason, the leader in operation-centric attack protection, today published a global study of 1,200+ security professionals at organizations that have previously suffered a successful ransomware attack on a holiday or weekend. The study highlights the disconnect between organizational risk and preparedness.

The report, titled Organizations at Risk: Ransomware Attackers Don’t Take Holidays, found that the vast majority of security professionals in the UAE (93%) expressed high concern about imminent ransomware attacks. In spite of this concern, there seems to be a disconnect between the risk ransomware poses to organizations during these off-hour periods and their preparedness — in terms of personnel and technology — to respond, moving into the holiday season.

The Human Element

An indicator of the disconnect between the perceived risk and preparedness is that 39% of respondents in the UAE attributed the previous successful holiday ransomware attack to not having the right cybersecurity coverage plan or because the company was only operating a skeleton crew.

This has unfortunately meant that often times cybersecurity professionals have had to put off personal engagements and weekend plans in order to respond to the attacks — 90% of UAE respondents indicated they have missed a holiday or weekend activity because of a ransomware attack.

Technology Issues

On the technology front, 65% of UAE respondents (16% higher than the global average) said a ransomware attack against their organization was successful because they did not have the right security solutions in place. Most concerning was the fact that just 44% reported having an Endpoint Detection and Response (EDR) solution in place. As EDR is a foundational building block of a robust cybersecurity posture, this is particularly alarming.

Organizational Impact

This lack of preparedness for ransomware attacks on weekends and holidays has a significant impact on victim organizations, with 60% of UAE respondents saying it resulted in longer periods to assess the scope of an attack, 58% reporting they required more time to mount an effective response and 46% indicating they required a longer period to fully recover from the attack.

Interestingly, 23% of UAE respondents (twice the global average) reported their organizations suffered revenue losses as a direct result. This research validates the assumption that it takes longer to assess, mitigate, remediate and recover from a ransomware attack over a holiday or weekend.

“Ransomware attackers don’t take time off for holidays. The most disruptive ransomware attacks in 2021 have occurred over weekends and during major holidays when attackers know they have the advantage over targeted organizations,” said Chief Executive Officer and Co-founder of Cybereason, Lior Div. “This research proves out the fact that organizations are not adequately prepared and need to take additional steps to assure they have the right people, processes and technologies in place so they can effectively respond to ransomware attacks and protect their critical assets.”

Learning from past mistakes

There are some positives to be taken away from the research — findings indicate that UAE organizations have acknowledged the need to enhance their cybersecurity defense and ensure they have the right technology, resources and strategy in place to avoid being hit by an attack during the upcoming holiday season. 77% of respondents stated that their organizations would be adding new technology, 60% are building a more robust contingency plan and 50% planning to increase cybersecurity staff cover over the holidays.

The full report can be obtained here: Organizations at Risk: Ransomware Attackers Don’t Take Holidays.

-Ends-

About Cybereason

Cybereason is the champion for today’s cyber defenders, providing operation-centric attack protection that unifies security from the endpoint, to the enterprise, to everywhere the battle moves. The Cybereason Defense Platform combines the industry’s top-rated AI-powered detection and response (EDR and XDR), next-gen antivirus (NGAV), Anti-Ransomware Protection and Proactive Threat Hunting to deliver context-rich analysis of every stage of a MalOp™ (malicious operation). Cybereason is a privately held, international company headquartered in Boston with customers in more than 40 countries. 

Media Contact:
Vernon Saldanha
Procre8 (on behalf of Cybereason)
vernon@procre8.biz 

Send us your press releases to pressrelease.zawya@refinitiv.com

© Press Release 2021

Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.

The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.

To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.