Many organizations in the financial services sector don’t expect to be hit by ransomware. In the recent State of Ransomware in Financial Services 2021 survey by Sophos, 119 financial services respondents indicated that their organizations were not hit by any ransomware attacks in the past year, and they do not expect to be hit by them in the future either.

The respondents mentioned that their confidence relied on the following beliefs:

  • They are not targets for ransomware
  • They possess cybersecurity insurance against ransomware
  • They have air-gapped backups to restore any lost data
  • They work with specialist cybersecurity companies which run full Security Operations Centers (SOC)
  • They have anti-ransomware technology in place
  • They have trained IT security staff who can hinder ransomware attacks

It’s not all good news. Some results are cause for concern. Many financial services respondents that don’t expect to be hit (61%) are putting their faith in approaches that don’t offer any protection from ransomware.

  • 41% cited cybersecurity insurance against ransomware. Insurance helps cover the cost of dealing with an attack, but doesn’t stop the attack itself.
  • 42% cited air-gapped backups. While backups are valuable tools for restoring data post attack, they don’t stop you getting hit.

While many organizations believe they have the correct safeguards in place to mitigate ransomware attacks, 11% believe that they are not a target of ransomware at all. Sadly, this is not true. No organization is safe. So, what are financial institutions to do?

While advanced and automated technologies are essential elements of an effective anti-ransomware defense, stopping hands-on attackers also requires human monitoring and intervention by skilled professionals. Whether in-house staff or outsourced pros, human experts are uniquely able to identify some of the tell-tale signs that ransomware attackers have you in their sights. It is strongly recommended that all organizations build up their human expertise in the face of the ongoing ransomware threat.