Ransomware Action Plan: what comes next?
Ransomware has been a concern for IT leaders for several years and has recently escalated. The announcement of the Australian Government’s Ransomware Action Plan (RAP) reinforces the seriousness of the problem.
Mimecast closely tracks cybersecurity trends year-on-year, and we’re seeing an annual increase in ransomware attacks. Mimecast’s State of Email Security (SOES) Report 2021 revealed that six out of 10 Australian organisations suffered a ransomware attack last year, which is a significant rise from 48 per cent the previous year.
Until now it’s been unclear whether companies should or shouldn’t pay ransoms, with no streamlined guidance. Now, the Government has clearly stated in the RAP that it does not condone the payment of ransoms.
The SOES report found that, out of the 54 per cent of Australian businesses that paid a ransom, 24 per cent did not recover their data, even after paying up — highlighting that paying a ransom is not the best option and further validating the government’s stance.
That said, according to Mimecast’s inaugural State of Ransomware Readiness Report 2021, over half of Australian executives (55 per cent) feel they could lose their job as a result of a ransomware attack.
This means that considerable focus needs to be given to how mandatory reporting of attacks is implemented. The design of any reporting requirement must ensure that the problem isn’t pushed underground by executives who are nervous that their careers could be on the line if they report and shine a spotlight on their organisation’s ransomware woes. Close collaboration with the cybersecurity industry will be essential when working through the details.
What’s next for SMB IT leaders?
Mandatory reporting of attacks is only being proposed for businesses turning over $10 million or more per year. The RAP in its current form will therefore not go anywhere near measuring the true scope of the problem, when you consider that businesses which fall below the proposed reporting threshold account for 98 per cent of Australian businesses, according to ABS data.
SMBs have not been completely isolated from the Ransomware Action Plan, with reference to some support being offered to these organisations. However, at Mimecast we strongly believe there needs to be a level of ‘cybercare’ available for SMBs, just like healthcare for citizens.
According to the State of Ransomware Readiness Report, nearly half of Australian executives would also like additional resources for more frequent security awareness training of end-users (40 per cent) and up-to-date security systems (38 per cent). Many of these executives are from larger organisations, and with smaller companies even more limited on budget and time, it’s natural to conclude they would benefit even more from additional support.
Like universal healthcare, cybercare holds economic benefits for the community by providing strong, streamlined cybersecurity protection at an individual and business level, making it a valuable investment in the growth of our economy.
It also helps harden the thousands of supply chains that SMBs are involved in, which is immeasurable in its value.
While we look forward to consulting with the public sector on the details of the Ransomware Action Plan, we encourage IT leaders across the private and public sectors to stay up to date with the latest government and industry recommendations.
Learn how to fight back against ransomware at www.mimecast.com/anz/ransomware.