You are currently viewing Ransomware attacks enabled by “malicious insiders” warn Gigamon

Ransomware attacks enabled by “malicious insiders” warn Gigamon

Nearly a third of organizations have experienced a ransomware attack enabled by a malicious insider, a threat seen as often as the accidental insider (35%), according to a new report from cloud visibility and analytics firm Gigamon.

Gigamon reports that his Ransomware Status 2022 and Beyond A global survey of IT and security leaders in the US, EMEA and Asia-Pacific also found that 59% of organizations believe ransomware has gotten worse in the last three months – with phishing (58 percent), malware/computer viruses (56 percent), and cloud applications (42 percent) cited as other common threat vectors.

“As the ransomware crisis escalates, threat actors like the Lapsus$ Group are now well known for preying on disgruntled employees to gain access to corporate networks – 95% (and 99% of CISOs/CIOs ) view the malicious insider as a significant risk,” warns Gigamon.

“Fortunately, 66% of these respondents now have a strategy in place to deal with both types of insider threats. However, it is clear that many organizations lack the visibility needed to distinguish the type of insider threat that puts their business at risk, which significantly complicates risk reduction.

“Organizations are increasingly relying on observability tools to monitor their hybrid cloud environments to detect application-level security and performance issues, but these tools can expose them because they lack visibility. at the network level of their infrastructure.”

Gigamon says that to eliminate these blind spots, organizations are increasingly turning to deep observability solutions to achieve advanced network-level security analysis and lateral threat detection and provide defense-in-depth in their organizations. hybrid and multi-cloud environments.

“Depth observability is recognized by security teams around the world as crucial to a successful ‘defense-in-depth’ posture,” said Ian Farquhar, Sydney-based Field CTO (Global) and director of the security architecture team at Gigamon.

“This holistic visibility is key to supporting infosecurity professionals as they address a number of challenges, including cloud misconfigurations and the rise of malicious insider threats, as well as a culture of pointing the finger and blame when things go wrong.”

Gigamon notes that the survey also found that 88% of respondents globally believe there is a “blame culture” in the cybersecurity industry, with 38% in the US and 37% in Singapore seeing this. tendency to point fingers when violations occur as “heavily”. frequent’.

“Disturbingly, 94% of those who recognize the blame culture told Gigamon that it can also be a drag on how quickly an incident is reported. To overcome this, 42% of organizations are calling for more transparency, along with industry-wide collaboration (29%) and the need to provide CIOs/CISOs with “deep observability” (22%)” , observes Gigamon.

“Deep observability can be defined as harnessing actionable intelligence at the network level to amplify the power of monitoring tools based on metrics, events, logs, and traces. In addition to being a solution requested by CIOs/CISOs to combat the culture of blame, Deep Observability (66%) was cited equally with Zero Trust (66%) as key to mitigating the risk associated with malicious insider threat.

“However, since the release of the Zero Trust 2020 Gigamon report, awareness of the complexities of Zero Trust has grown, meaning many now lack confidence in its implementation: 44% of EMEAs now believe that Zero Trust requires too much oversight and resources (up 21%).

“Conversely, deep observability is now recognized as central to cybersecurity, not just for ransomware protection, but even more so for hybrid and multi-cloud infrastructure protection (89% of respondents globally agree) and ensuring a safe migration to the cloud (82% of global respondents agree),” concludes Gigamon.

Gigamon lists additional key findings as follows:

  • Ransomware is considered a priority at the board level. 89% of global boards consider this threat a top concern, with numbers rising in the UK (93%), Australia (94%) and Singapore (94%). When asked how this cyber threat was perceived, the top perception across all regions was that it was a “reputation issue” (33%).
  • Cyber ​​insurance worries. 57% of respondents agreed that the cyber insurance market is exacerbating the ransomware crisis. In Asia-Pacific, where cyber insurance is most commonly used, this concern is felt by 66% of Australian respondents and 68% of those in Singapore.
  • The United States is leading the way with Zero Trust. While EMEA may have lost some confidence in implementing Zero Trust, 59% in the US agree that this framework is achievable. Additionally, US respondents are the most certain of the complementary link between zero trust and deep observability, with 47% saying the two are strongly linked.


Thoughtworks presents XConf Australia, back in person in three cities, bringing together people who care deeply about software and its impact on the world.

Now in its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust discussion program as local thought leaders and Thoughtworks technologists share first-hand experiences and discuss new ways to empower teams, deliver great software, and drive innovation for technology responsible.

Learn how we at Thoughtworks are improving technology, together.

Tickets are available now and all proceeds will be donated to Indigitek, a non-profit organization that aims to create tech employment pathways for First Nations people.

Click the button below to register and get your ticket to the Melbourne, Sydney or Brisbane event


Leave a Reply