Two-Thirds of CISOs Plan to Ramp up the Battle Against Ransomware With Machine Learning, New Research Reveals

Over 67 percent of CISOs plan to embrace new technology including machine learning tools to detect ransomware activity over the next year, research conducted by Evaluator Group determined, with earlier detection of ransomware corruption and support for faster discovery of the last clean backup the top analytics requested.

Evaluator Group conducted a survey of 163 CISOs to define the top data management challenges, at the behest of Index Engines, whose CyberSense software detects signs of data corruption due to ransomware and facilitates an intelligent and rapid restoration.

Latest Insights: Leverage Artificial Intelligence Tools to Reduce Fraud and Friction for Customers

“Machine learning and analytics are critical in the race against cyber criminals and CISOs have realized this,” said Jim McGann, VP of Business Development and Marketing at Index Engines. “Ransomware attacks are getting more sophisticated, evading thresholds and metadata-level security tools. Machine learning and analytics can observe data, look deep into files and make deterministic decisions on whether it’s been corrupted by ransomware or give you confidence that it’s clean for recovery.”

CISOs struggle to detect attacks and find the last known good copy of data for recovery, the study found, along with bare minimum recovery expected to take hours with full recovery expected to take weeks or months often resulting in data that is forever lost due to malicious corruption.

Currently, security professionals lack in-house ability to use deep forensic analysis to determine what happened and how to recover intelligently, the report stated. Only 11% of respondents indicated they have all the capabilities they need from their current vendors.

Two-thirds of the respondents said they plan to add data analytics and/or machine learning tools to detect suspicious activity over the next year, the report showed. More than half said they planned to add data loss prevention software and tools to continuously monitor for malicious software. Rounding out the top five choices were audit data for sensitive content (48%) and data forensics analysis for post-ransomware attack (47%).

Budgets are increasing to support the increasing sophistication of ransomware attacks, the report showed, with 84% reporting their cyber security budget is increasing this year, with 49% of budgets increasing up to 10%. Only 12% said it would increase more than 25%, the same number who said there would be no change. Only 4% said their cybersecurity budget is decreasing.

Read: ChatGPT Is Much More Than A Data Prep Assistant

When asked what they wanted most for cyber resiliency analytics, 71% of respondents said “earlier detection of a cyberattack,” with 43% listing “faster identification of last known good recovery point” and 41% selecting “increased confidence that malware was eradicated from the environment.”

“Organizations need features such as anomaly detection and the ability to find the last known good copy of data following an attack to fully recover,” Evaluator Group senior analyst Dave Raffo said. “Data forensics tools and processes that focus on analyzing, identifying, monitoring and reporting on digitally stored data can help facilitate successful data recovery.”

AiThority: The 3 Building Blocks to Make AI Accessible

[To share your insights with us, please write to sghosh@martechseries.com]