The Osirium Ransomware Index has suggested that UK businesses fear increased risk of ransomware attack via their supply chains, particularly when they depend on outsourced IT.
The research surveyed 1,001 UK IT managers and found that 77% were concerned that their business could be at risk of an attack via their supply chain, despite having an effective internal protection system.
Roughly 39% estimated it would take their business a week to recover from a cyberattack – although a majority of 47% said it could take as long as a month or more.
Medium and large sized businesses were most concerned about the risk from their supply chain – but only 44% had a strict requirement in place for supply chain relationships in order to protect themselves. Only 39% had a loose agreement and 8% didn’t have one at all.
Despite this, 66% of respondents at least asked their supply chain regularly about safety measures and protection/recovery plans to tackle ransomware attacks.
The majority – 77% – were concerned about the risk from their supply chain, a figure which rose to 82% when outsourced IT services were involved. More than half of respondents with fully outsourced IT services had sought specific external consultancy on how to prepare for a ransomware attack.
“The Ransomware Index unfortunately shows that despite continued improvements in security protocols, clients remain concerned about the risks of ransomware attacks from third party IT suppliers,” said David Guyatt, CEO at Osirium.
“There seems to still be a long way for MSPs and MSSPs to go before client confidence reaches an acceptable level, and they should therefore take action now in improving their ransomware protection – both to protect their clients and to benefit from early competitive differentiation.”