DigitalCIO
No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
DigitalCIO
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
No Result
View All Result
Digitalcio
No Result
View All Result
Home Tech News

Sophos Survey Finds $3M Median Recovery Costs For Energy And Water Sectors

DigitalCIO Bureau by DigitalCIO Bureau
July 22, 2024
in Tech News
0
Sophos Survey Finds $3M Median Recovery Costs For Energy And Water Sectors
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

Sophos has released a sector survey report, “The State of Ransomware in Critical Infrastructure 2024,” which revealed that the median recovery costs for two critical infrastructure sectors, Energy and Water, quadrupled to $3 million over the past year. This is four times higher than the global cross-sector median. In addition, 49% of ransomware attacks against these two critical infrastructure sectors started with an exploited vulnerability.

Data for the State of Ransomware in Critical Infrastructure 2024 report comes from 275 respondents at energy, oil and gas, and utilities organisations, which fall under the Energy and Water sectors of CISA’s 16 defined critical infrastructure sectors. The results for this sector survey report are part of a broader, vendor-agnostic survey of 5,000 cybersecurity/IT leaders conducted between January and February 2024 across 14 countries and 15 industry sectors.

“Criminals focus where they can cause the most pain and disruption so the public will demand quick resolutions, and they hope, ransom payments to restore services more quickly. This makes utilities prime targets for ransomware attacks. Because of the essential functions they provide, modern society demands they recover quickly and with minimal disruption,” said Chester Wisniewski, global Field CTO.

“Unfortunately, public utilities are not only attractive targets but vulnerable to attacks on many fronts, including the requirement for high availability and safety, as well as an engineering mindset focused on physical security. There’s a preponderance of older technologies configured to enable remote management without modern security controls like encryption and multifactor authentication. Like hospitals and schools these utilities are frequently operating with minimal staffing and without the IT staffing required to stay on top of patching, the latest security vulnerabilities and the monitoring required for early detection and response.”

On top of growing recovery costs, the median ransom payment for organisations in these two sectors jumped to more than $2.5 million in 2024—$500,0000 higher than the global cross-sector median. The Energy and Water sectors also reported the second highest rate of ransomware attacks. Overall, 67% of the organisations in these sectors reported being hit by ransomware in 2024, in comparison to the global, cross-sector average of 59%.

Other findings from the report include:

  • The energy and water sectors reported increasingly longer recovery times. Only 20% of organisations hit by ransomware were able to recover within a week or less in 2024, compared to 41% in 2023 and 50% in 2022. Fifty-five percent took more than a month to recover, up from 36% in 2023. In comparison, across all sectors, only 35% of companies took more than a month to recover
  • These two critical infrastructure sectors reported the highest rate of backup compromise (79%) and the third highest rate of successful encryption (80%) when compared to the other industries surveyed

“This once again shows that paying ransom payments almost always works against our best interests. An increasing number (61%) paid the ransom as part of their recovery, yet the amount time it took to recover was extended. Not only do these high rates and amounts of ransoms encourage more attacks on the sector, but they are not achieving the claimed goal of shorter recovery times,” said Wisniewski.

“These utilities must recognise they are being targeted and take proactive action to monitor their exposure of remote access and network devices for vulnerabilities and ensure they have 24/7 monitoring and response capabilities to minimise outages and shorten recovery times. Incident response plans should be planned in advance, the same as for fires, floods, hurricanes and earthquakes, and be rehearsed on a regular schedule.”

Tags: Sophos
Share30Tweet19
DigitalCIO Bureau

DigitalCIO Bureau

Recommended For You

Gartner: AI-optimized cloud infrastructure growing rapidly

by DigitalCIO Bureau
October 15, 2025
0
Infosys: Over $300 billion In Corporate Cloud Commitments Remain Untapped

AI-optimized infrastructure as a service (IaaS) is emerging as the next disruptive growth engine for AI infrastructure. As a result, end-user spending is projected to grow 146% by...

Read moreDetails

OpenAI and Broadcom to Build 10 Gigawatts of AI Infrastructure

by DigitalCIO Bureau
October 15, 2025
0

OpenAI and Broadcom have announced a collaboration for 10 gigawatts of custom AI accelerators. OpenAI will design the accelerators and systems, which will be developed and deployed in...

Read moreDetails

AI Skillsets Critical to Cybersecurity Skills Gap Solution

by DigitalCIO Bureau
October 14, 2025
0
Fortinet Expands Universal SASE Coverage with Two New India-Based Data Centres   

Fortinet has released its 2025 Global Cybersecurity Skills Gap Report, shedding light on the new and persistent challenges organizations face due to the cybersecurity skills gap. The global...

Read moreDetails

Visakhapatnam’s First 50 MW AI Edge Data Center Foundation Laid

by DigitalCIO Bureau
October 14, 2025
0
Visakhapatnam’s First 50 MW AI Edge Data Center Foundation Laid

In a major boost to the Andhra Pradesh government’s digital initiatives, Hon’ble Minister for IT, Electronics and Communications, Real Time Governance and Human Resources Development, Government of Andhra...

Read moreDetails

Mass scanning of Palo Alto Networks, Cisco and Fortinet Login portals

by DigitalCIO Bureau
October 13, 2025
0
Mass scanning of Palo Alto Networks, Cisco and Fortinet Login portals

Cybersecurity intelligence firm GreyNoise has observed an alarming increase in scanning activity against network equipment from major vendors in recent days. Scanning of Palo Alto Networks login portals...

Read moreDetails
Next Post
CommScope To Sell Outdoor Wireless Networks & DAS Businesses To Amphenol For $2.1bn

CommScope To Sell Outdoor Wireless Networks & DAS Businesses To Amphenol For $2.1bn

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

Tata Technologies Collaborates With Microsoft And Tata Motors To Drive Innovation With InnoVent Hackathon

Tata Technologies Collaborates With Microsoft And Tata Motors To Drive Innovation With InnoVent Hackathon

June 19, 2024
Veeam Updates Ransomware Protection and Security for Kubernetes with New Release of Kasten by Veeam K10 V6.5 

Veeam Enhances Global ProPartner Network to Help Partners Benefit from the Growth in Demand for Cyber Resilience

January 17, 2024

Google disables snoopy iOS app, apologises

January 31, 2019

Browse by Category

  • Acquisition
  • Appointment
  • Archive
  • Artificial Intelligence
  • CIO Interviews
  • Cloud
  • Datacenter
  • Events and Conferences
  • Market Insights
  • News
  • Opinion and Analysis
  • Products
  • Resources
  • Security
  • Storage
  • Tech News
  • Telecom
Digitalcio

Welcome to DigitalCIO, your ultimate source for staying ahead in the ever-evolving world of technology and business.

BROWSE BY TAG

Acquisition AI Appointment artificial intelligence Artificial Intelligence and Machine Learning AWS Barracuda Big Data and Analytics Blockchain CISCO Cloud Computing Cloudflare Commvault CrowdStrike Cybersecurity Digital Transformation Dynatrace E-books Fortinet Gartner GenAI Generative AI Google Cloud HCLTech Honeywell IBM Infographics Internet of Things (IoT) Kaspersky Microsoft Netskope NTT DATA Palo Alto Networks Panel Discussion Qlik Salesforce Sophos Tenable Trend Micro Veeam Veeam Software Vertiv Webinars Whitepaper Zscaler

CATEGORIES

  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
  • Archive

NAVIGATION

  • Home
  • About Us
  • Advertise with Us
  • Contact Us

© 2024 digitalcio.in - All rights reserved.

No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources

© 2024 digitalcio.in - All rights reserved.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?