Which sectors are at the highest risk of ransomware?
Leveraging the ransomware likelihood analysis, BitSight examined whether certain sectors are at higher risk of experiencing ransomware incidents based on the security performance of organizations in these key risk vectors. Employing a statistical analysis, we found the following:
Sectors with “high” ransomware risk have a generally high proportion of organizations with grades B or lower across BitSight’s Patching Cadence, TLS/SSL Configuration, and TLS/SSL Certificates risk vectors. Therefore, these sectors have a high proportion of organizations at a heightened risk of ransomware. In general, our low, mild, moderate, and high categories refer to the proportion of organizations within a sector at an increased ransomware risk.
Low-risk sectors aren’t necessarily low risk because they aren’t targeted. In fact, some of the lowest-risk sectors are those that are targeted the most – finance, legal, and business services, for example. BitSight believes these sectors are at lower risk because they have implemented more effective, measurable defensive programs by investing significant resources in cybersecurity protection, acquiring and retaining top IT talent, and leveraging existing research and analytics to reduce ransomware risk in a targeted way. As a result, organizations in these sectors are able to counter attack tactics and techniques with sound defensive strategies.
You can read more about BitSight’s analysis here.
Next steps for policymakers
Policymakers are taking an important step forward by leveraging data-driven performance metrics to understand critical infrastructure sector risk and make better decisions about strategy and tactics. By incorporating measurements that are scientifically related to security outcomes, such as BitSight analytics, they can make significant progress in meaningfully reducing risk to critical infrastructure. Leveraging non-intrusive data gives policymakers a solid foundation that can be supplemented with additional data sets over time.
If policymakers are interested in reducing the likelihood of critical infrastructure organizations experiencing a ransomware incident, they should focus on the three risk vectors that BitSight finds to be strongly correlated with ransomware likelihood: Patching Cadence, TLS/SSL Configuration, and TLS/SSL Certificates. Policymakers should also prioritize collaboration with sectors that have a higher proportion of organizations demonstrating weaker performance in these areas. Using a data-driven approach will help all stakeholders better understand gaps and resolve issues effectively.