Graham Cluley reports for Hot for Security that Only 38% of businesses believe they will recover from a ransomware attack. He cites a study by Tripwire – Survey: 62% of Companies Lack Confidence in Ability to Confront Ransomware Threat – based on the responses of security professionals at RSA 2016.
Interestingly, Tripwire also ran a Twitter poll asking ‘What is the most important step users can take to prevent ransomware infections?’
The options and responses were:
- 47% said ‘Don’t click suspect links’
- 37% said ‘Back up your data often’
- 11% said ‘Install software patches’
- 5% said ‘Use an AV solution’
I won’t complain about the low ranking of AV here: after all, no-one is suggesting, presumably, that all those options are mutually exclusive, and in fact they’re all steps people should be taking. But I can’t help wondering who these people are who click on a link even though it’s suspicious. Isn’t the point that so many people have such an unformed view of what ‘suspicious’ really means?