Ransomware attacks drive ZTNA adoption

A study of 5,400 IT professionals has revealed a correlation between the direct experience of ransomware and the adoption of a zero-trust approach.

Organizations that had experienced a ransomware attack in the previous year, defined as multiple devices being impacted but not necessarily encrypted, reported considerably higher levels of awareness of the zero-trust approach. They were more advanced in implementing zero-trust network access (ZTNA) solutions than those that hadn’t experienced an incident.

ZTNA demands verification of every endpoint, server, and user before granting access to an application or any part of the network. As adversaries grow ever more skilled in exploiting remote tools and credentials and turning a target’s security policies against them, a defense-in-depth approach to security based on the concept of ‘trust nothing, verify everything’ is becoming the benchmark for protection.

These organizations’ direct experience of ransomware likely accelerated the implementation of a zero-trust approach to help prevent future attacks.

The findings result from an independent survey of 5,400 IT professionals in organizations with between 100 and 5,000 employees conducted by research house Vanson Bourne on behalf of Sophos in 2021.

The role of ZTNA in preventing ransomware attacks

Breaching the victim’s network is one of the first steps in a ransomware attack. The rapid increase in remote working over the last two years has hugely increased the opportunity for attackers to exploit vulnerable VPN clients to get a foothold in an organization. Once inside, they are often free to move laterally throughout the network, escalating privileges and progressing the attack.

By eliminating vulnerable VPN client software, granularly controlling access based on device health and identity, and micro-segmenting applications, ZTNA stops attackers from breaching the organization and moving around it, even if they obtain legitimate credentials.

Key findings from the research include:

Finding one: Ransomware victims have much greater familiarity with the ZTNA approach

IT professionals in organizations that had been hit by ransomware in the previous year are almost 50% more likely to be ‘very familiar’ with the ZTNA approach than those whose organizations hadn’t experienced an incident (59% vs. 39%). It rises to 71% among those whose organizations had been hit and paid the ransom.

Finding two: Ransomware victims are more advanced in their adoption of the zero-trust approach

One quarter (25%) of those whose organizations experienced a ransomware attack in the previous year have already fully adopted a zero-trust approach, rising to 40% of those whose organizations were hit and paid the ransom. In comparison, just one-sixth (17%) of those that hadn’t experienced an attack had already fully migrated to this approach.

Finding three: Ransomware victims have different motivations for adopting a zero-trust approach

Respondents were asked about their motivations for adopting a zero-trust approach and, while there were several commonalities, there were also clear areas of difference.

To improve our overall cybersecurity posture’ was the most common motivator among both victims and non-victims
The second most common motivator among ransomware victims was the desire to ‘simplify our cybersecurity operations’ (43%), potentially reflecting that complex security had contributed to their previous attack.
Ransomware victims are also heavily motivated by ‘supporting our move to increased use of the cloud’ (42%). It dropped to 30% amongst those that hadn’t experienced a recent attack.
Similarly, ransomware victims were also much more likely to say that ‘to move from a CAPEX to an OPEX model´ was one of the main factors behind their zero-trust approach adoption (27% vs. 16%, and rising to 34% among those that had been hit by ransomware and paid the ransom)

Finding four: The pandemic was more likely to impact the zero-trust adoption plans of ransomware victims positively.

For many organizations, the pandemic positively impacted their plans for adopting a zero-trust approach. For many, it created a need for zero trust that they didn’t have before. It is understandable as many companies and public bodies were previously wholly office-based and didn’t need to provide secure remote access.

Half (50%) of ransomware victims and 36% of non-victims reported that the pandemic enabled them to move budget to adopt a zero-trust approach. At the same time, many said that it helped them to divert people and/or money from other activities to zero trust.

The survey findings highlight that organizations that fell victim to ransomware and paid the ransom were most likely to experience a positive pandemic impact on their zero-trust adoption. It seems that the pain of the ransomware attack might have concentrated minds and resources on effectively mitigating a future incident.

Sophos recently launched Zero Trust Network Access (ZTNA), which provides a much more secure and easy-to-manage remote access solution that delivers end-users a transparent, frictionless experience.

Liked this post? Follow SwirlingOverCoffee on Facebook, YouTube, and Instagram.

Follow Us

Trending News

Samsung Ridicules Apple’s Adoption of Big Screens on the iPhone 6 and 6 Plus

Walk like an Egyptian with Street View in Google Maps

ASUS launches Transformer Book Flip – From Laptop to Tablet in Seconds

Xiaomi Redmi 1s Goes on Sale on Sep 4 for P5,599

ASUS Memo Pad 7 Unboxing and First Impressions

Huawei Ascend G6 Review – Midrange Spec’d Selfie Phone

TDK 2-in-1 Micro USB 2.0 Flash Drive Review

ASUS ZenFone 4 Unboxing and First Impressions

ASUS ZenFone 5 Unboxing and First Impressions

Cool your summer with Home Credit’s abot-kayang inverter appliances

realme 12 5G: The latest device under the realme 12 Series is arriving in the PH on April 25

Chill out this summer season: Home Credit’s top refrigerators for your refreshing treats

PLDT, Smart back government ‘eLGU’ push

A Peek Inside FEU TECH’s Dynamic Startup Hub for Student Technopreneurs

Spend your best summer with vivo Y27s

Blog Post

Advertisement

Advertisement

Instagram

Search

Follow Me On

Follow Us

Trending News

Samsung Ridicules Apple’s Adoption of Big Screens on the iPhone 6 and 6 Plus

Walk like an Egyptian with Street View in Google Maps

ASUS launches Transformer Book Flip – From Laptop to Tablet in Seconds

Xiaomi Redmi 1s Goes on Sale on Sep 4 for P5,599

ASUS Memo Pad 7 Unboxing and First Impressions

Huawei Ascend G6 Review – Midrange Spec’d Selfie Phone

TDK 2-in-1 Micro USB 2.0 Flash Drive Review

ASUS ZenFone 4 Unboxing and First Impressions

ASUS ZenFone 5 Unboxing and First Impressions

Cool your summer with Home Credit’s abot-kayang inverter appliances

realme 12 5G: The latest device under the realme 12 Series is arriving in the PH on April 25

Chill out this summer season: Home Credit’s top refrigerators for your refreshing treats

PLDT, Smart back government ‘eLGU’ push

A Peek Inside FEU TECH’s Dynamic Startup Hub for Student Technopreneurs

Spend your best summer with vivo Y27s

Blog Post

Ransomware attacks drive ZTNA adoption

SOC Staff

Related posts

Discovery Shores Boracay is in the Roblox Metaverse

Coca-Cola’s Tapon to Ipon program encourages collection and recycling of plastic bottles during fiestas

Enable better Twitter experience with top 5 safety tips

Alibaba Cloud Unveils Serverless Solution to Harness Gen-AI Capabilities for Enterprises

Globe At Home Prepaid WiFi promo offers free 50GB data

Ninja Van Philippines becomes first private courier partner of the Supreme Court

Advertisement

Advertisement

Instagram