Around 44% of retail organizations were hit by a ransomware attack in 2020, and more than half of those affected (54%) said cybercriminals had succeeded in encrypting their data, according to a recent report. With the rapid growth in online transactions after the pandemic, the risk surface expanded, challenging retailers to undertake measures to prevent ransomware attacks.
To better understand the impact of ransomware in the retail industry, BitSight and ThirdPartyTrust teamed up to provide this research report that analyzed hundreds of ransomware attacks to provide specific findings that will help retail organizations stay ahead.
The research report, titled Ransomware In The Retail Sector, is available for free download:
This research by BitSight and ThirdPartyTrust contains a number of critical performance indicators that can help security professionals in the retail sector reduce the risk of becoming a ransomware victim. Get the research report now.
Based on our analysis, we find that certain security program practices may be critical to reduce the likelihood of experiencing a ransomware incident. We also identify which vulnerabilities are closely tied with ransomware campaigns.
The analysis includes:
- Likelihood of ransomware based on overall security performance
- How patching cadence impacts ransomware risk
- Specific vulnerabilities tied to ransomware risk
- Certificate and configuration management tied to ransomware risk
Ransomware: A Global Epidemic
2021 has been dominated by ransomware. The data confirms that the number of successful attacks is increasing across all organizations, all sizes, and all sectors, but not equally.
Why is this threat growing so rapidly? It’s all about the money. It is now typical for criminals to obtain multiple ransomware payments
from the same victim. Numerous high-profile incidents around the globe (Kaseya, Colonial Pipeline) have shed light on the damaging impact that ransomware can have on individual organizations and global supply chains.
According to Sophos, globally across all sectors, the average ransom payment is US$170,404. In retail, the average ransom payment is US$147,811. However, the ransom only got some organizations their data back.
With 62% of retail organizations expecting to be hit by ransomware in the future, there’s room for improvement and enhancing cybersecurity strategies. While the accelerated digital transformation and the increase in online trading created considerable workload, it also provided new learning opportunities for retailers.
How Can Your Organization Stay Ahead of Ransomware?
Cybersecurity is not a one-and-done effort, but a day-to-day risk management. Cyber hygiene best practices also need to extend to your vendors, partners, suppliers, and any third-party member of your network to prevent phishing, ransomware, and business email compromise.
Read More: 10 Tips to Prevent, Detect, Contain, and Respond to Ransomware Attacks
Cybercriminals are often able to find and attack the least secure business in the supply chain and use that foothold to gradually compromise their partners. Having tools that provide deep insight into the risks and security performance of every member of your supply chain is critical.
ThirdPartyTrust can help by providing a one pane of glass risk dashboard, with end-to-end vendor risk assessment automation for making informed decisions about vendors, and continuously monitoring their security posture.
Let us show you how ThirdPartyTrust can help you control ransomware and other risks across your third party supply chain. Talk to an expert today.
Top Tips to Prevent and Contain Ransomware Attacks
Due to the rash of headline-stealing attacks over the past year, ransomware preparedness has become a board-level issue for most CISOs.
These are the ten tips a CISO has found to be most effective to prevent, detect, contain, and respond to ransomware attacks.
