Malware and ransomware are one of the most destructive security threats affecting organizations of all sizes, from SMBs to large enterprises and government agencies. Malware is continuously evolving, and organizations are facing significant challenges in responding to the threat and protecting their IT environments against new types of viruses, worms, spyware, ransomware and crypto-jacking malware.
The 2020 Malware and Ransomware Report was produced by Cybersecurity Insiders and Core Security, a HelpSystems Company to reveal the latest malware security trends, challenges, and investment priorities.
Key findings include:
• Eighty-eight percent of respondents see malware and ransomware either as an extreme threat (55%) or moderate threat (33%). Very few respondents (2%) see them as no threat at all.
• A significant majority (75%) of IT security professionals predict malware and ransomware to become a larger threat in the future. That is an increase of four percentage points over last year’s survey.
• Seventy-four percent expect an increase in attack frequency over the next 12 months – an increase of six percentage points since last year. A majority (79%) said an attack within the next two months is at least moderately likely. This is up three percentage points since last year.
• Cybersecurity professionals consider spear-phishing emails the single most dangerous malware attack vector at 83%, followed by web server exploits and domain spoofing (tied at 46%).
• Ransomware is impacting organizations at the business level as well as from an IT security policy and control perspective. On the business side, malware attacks caused an increase in IT security-related spending (59%, up from 52% in last year’s survey) and productivity loss (57%). At the IT operations level, malware is causing system downtime (50%) and forcing cybersecurity professionals to update IT security strategy to focus on mitigation (48%).
• When asked about the most effective security solutions to combat malware/ransomware, security professionals rank anti-malware/antivirus/endpoint security solutions highest at 75%. This is closely followed by user awareness and training at 70%.