Hyland 160x1200

Hyland 160x1200

Hyland 705x108

Friday, 19 August 2022 10:47

Global ransomware survey reveals one in three organisations see malicious insiders as a route for ransomware

By Gigamon
Ian Farquhar, Field CTO (Global) and director of security architecture team, Gigamon Ian Farquhar, Field CTO (Global) and director of security architecture team, Gigamon

GUEST RESEARCH: Gigamon, the leading deep observability company, today launched its first State of Ransomware 2022 and Beyond report aimed at providing insights into how the threatscape is evolving and how the severity of the ‘blame culture’ in cybersecurity is escalating.

According to the global survey of IT and security leaders across the US, EMEA and APAC, nearly one-third of organisations have suffered a ransomware attack enabled by a malicious insider, a threat seen as commonly as the accidental insider (35%).

Furthermore, 59% of organisations believe ransomware has worsened in the last three months, with phishing (58%), malware/computer viruses (56%) and cloud applications (42%) cited as other common threat vectors.

As the ransomware crisis worsens, threat actors like Lapsus$ group are now well-known for preying on disgruntled employees to gain access to corporate networks – 95% (and 99% of CISOs/CIOs) view the malicious insider as a significant risk.

Fortunately, 66% of these respondents now have a strategy for addressing both types of insider threats. However, it’s clear that many organisations lack the visibility required to distinguish which type of insider threat is endangering their business, which makes it significantly harder to mitigate risk.

Increasingly, organisations rely upon observability tools to monitor their hybrid cloud environments for security and performance issues at the application level, but these tools can leave them exposed because they lack visibility at the network level of their infrastructure.

To eliminate these blind spots, organisations are increasingly turning to deep observability solutions to gain advanced network-level security forensics and lateral threat detection and assure defence in depth across their hybrid and multi-cloud environments.

“Deep observability is acknowledged by security teams around the world as crucial to a successful ‘defence in depth’ posture,” said Sydney-based Gigamon field CTO (global) and security architecture team director Ian Farquhar.

“This holistic visibility is essential to support infosecurity professionals as they battle a number of challenges, including cloud misconfigurations and the rise in malicious insider threats, as well as a culture of finger pointing and blame when things go wrong.”

The blame culture

The survey also revealed that 88% of global respondents believe there is a ‘blame culture’ in the cybersecurity industry, with 38% in the US and 37% in Singapore seeing this tendency to point the finger when breaches occur as ‘heavily prevalent’.

Worryingly, 94% of those who recognise the blame culture told Gigamon that it could also be a deterrent to the speed of reporting an incident. To overcome this issue, 42% of organisations are calling for more transparency, as well as industry-wide collaboration (29%) and the need to provide CIOs/CISOs with ‘deep observability’ (22%).

A new frontier: deep observability

Deep observability can be defined as harnessing actionable network-level intelligence to amplify the power of metric, event, log and trace-based monitoring tools. As well as being a solution in demand by CIOs/CISOs to tackle the blame culture, deep observability (66%) was cited on par with Zero Trust (66%) as key to mitigating the risk associated with the malicious insider threat.

However, since the release of the Zero Trust 2020 Gigamon report awareness of Zero Trust’s complexities has grown, meaning many now lack confidence in its implementation: 44% of EMEA now believe that Zero Trust requires too much oversight and resources (up 21%).

Conversely, deep observability is now recognised as central to cybersecurity, not only for ransomware protection, but even more so for protecting hybrid and multi-cloud infrastructures (89% of global respondents agree) and ensuring safe cloud migration (82% of global respondents agree).

Additional key findings:

#  Ransomware is seen as a board-level priority. 89% of global boardrooms see this threat as a priority concern, a number that rises in the UK (93%), Australia (94%) and Singapore (94%). When asked how this cyber threat is viewed, the leading perception across all regions was that it is a ‘reputational issue’ (33%).

#  Cyber insurance is causing concern. 57% of those surveyed agreed that the cyber insurance market is exacerbating the ransomware crisis. In APAC, where cyber insurance is most commonly employed, this concern is felt by 66% of Australian respondents and 68% of those in Singapore.

#  The US is leading the way with Zero Trust. While EMEA may have lost some confidence in implementing Zero Trust, 59% in the US agree that this framework is attainable. What’s more, US respondents are the most certain about the complementary tie between Zero trust and deep observability, with 47% claiming the two are strongly connected.

About Gigamon

Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. This powerful combination helps enable IT organisations to assure security and compliance governance, speed root-cause analysis of performance bottlenecks, and lower operational overhead associated with managing hybrid and multi-cloud IT infrastructures. The result: modern enterprises realise the full transformational promise of the cloud. Gigamon serves more than 4,000 customers worldwide, "including over 80% of Fortune 100 enterprises, 9 of the 10 largest mobile network providers, and hundreds of governments and educational organisations worldwide. To learn more, please visit gigamon.com


Read 1239 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.

Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News