UK businesses' concern over supply chain ransomware
Only 44% have strict requirements in place when it comes to supply chain relationships
London, UK – 28 October 2021: Osirium Technologies plc(AIM: OSI), a leading UK-based cyber security software vendor, has today shared findings from the latest Osirium Ransomware Index which suggests that ransomware attack risks impact organisations differently; particularly when businesses depend on outsourced IT.
Of the 1001 UK IT managers surveyed for the research, 77% expressed a growing concern that despite their company having a good protection system in place, they could still be at risk of an attack by proxy – via their supply chain. Approximately55% were also of the opinion that whilst some attacks are avoidable, others aren’t - which underlines the opportunities for vendors and channel partners to assist customers in identifying and understanding where the very real ransomware threats lie and supporting them in protecting their businesses accordingly.
The need to take control
Across the respondents surveyed, 39% estimated it would take a week for their business to recover from a cyberattack – with 47% admitting it could take a month or more. In addition, medium and large sized businesses were most concerned about their supply chain putting them at risk (82%) yet, despite this, only 44% have a strict requirement in place when it comes to the supply chain relationships. 39% said they had a loose agreement whilst 8% don’t have, or haven’t even considered, one. However, 66% of businesses say they ask for regular updates from their supply chain about their measures and protection/recovery plan to tackle ransomware attacks.
The supply chain risk
Over three-quarters (77%) of all respondents were concerned about the risk from their supply chain (suppliers, clients, and partners) and that figure rises to 82% when the IT depends on outsourced IT services.
Who’s getting attacked?
Looking deeper into those numbers, 69% of in-house IT teams have experienced a ransomware attack and that number rises to 88% for those with partially or fully outsourced IT.
More than half of those surveyed (56%) with fully outsourced IT services said they had also sought specific external consultancy on how to prepare for a ransomware attack. 61% of businesses with A mix of in-house and outsourced IT services said they use online backups to prepare for a ransomware attack – versus just 46% of businesses with a fully internalised IT.
“The Ransomware Index unfortunately shows that despite continued improvements in security protocols, clients remain concerned about the risks of ransomware attacks from third party IT suppliers,” said David Guyatt, CEO at Osirium. “There seems to still be a long way for MSPs and MSSPs to go before client confidence reaches an acceptable level, and they should therefore take action now in improving their ransomware protection– both to protect their clients and to benefit from early competitive differentiation.”
The survey was carried out on behalf of Osirium by Atomik Research, an independent creative market research agency that employs MRS-certified researchers and abides to MRS code, and surveyed 1001 IT managers across the UK between 30 July and 5 August2021.
About Osirium Technologies
Osirium Technologies plc (AIM:OSI) is a leading UK-based cybersecurity software vendor delivering Privileged Access Management (PAM), Privileged Endpoint Management (PEM) and Osirium Automation solutions that are uniquely simple to deploy and maintain.
With privileged credentials involved in over 80% of security breaches, customers rely on Osirium PAM’s innovative technology to secure their critical infrastructure by controlling 3rd party access, protecting against insider threats, and demonstrating rigorous compliance. Osirium Automation delivers time and cost savings by automating complex, multi-system processes securely, allowing them to be delegated to Help Desk engineers or end-users and to free up specialist IT resources. The Osirium PEM solution balances security and productivity by removing risky local administrator rights from users, while at the same time allowing escalated privileges for specific applications.
Founded in 2008 and with its headquarters in Reading, UK, the Group was admitted to AIM in April 2016. For further information please visit www.osirium.com.