Intelligent CIO Middle East Issue 76 | Page 76

VPN clients to get a foothold in an organisation . Once inside , they are often free move laterally throughout the network , escalating privileges and progressing the attack . those whose organisations had been hit and they paid the ransom .

Sally Adam , Marketing Director at Sophos

By eliminating vulnerable VPN client software , granularly controlling access based on device health and identity , and micro-segmenting applications , ZTNA stops attackers from both breaching the organisation and from moving around it , even if they obtain legitimate credentials .

[ To learn more about the role of lateral movement in ransomware attacks , read the Sophos research report Windows Services Lay the Groundwork for a Midas Ransomware Attack that details how adversaries exploited remote services and access tools to hold a technology company to ransom .]

Finding one : Ransomware victims have much greater familiarity with the ZTNA approach

IT professionals in organisations that had been hit by ransomware in the previous year are almost 50 % more likely be ‘ very familiar ’ with the ZTNA approach than those whose organisations hadn ’ t experienced an incident ( 59 % vs 39 %). This rises to 71 % among

Further illustrating this point , just 10 % of ransomware victims have little or no familiarity with ZTNA , compared with 21 % of those whose organisation hasn ’ t fallen victim .

Finding two : Ransomware victims are more advanced in their adoption of the Zero Trust approach

One quarter ( 25 %) of those whose organisation experienced a ransomware attack in the previous year have already fully adopted a Zero Trust approach , rising to 40 % of those whose organisations were hit and paid the ransom . In comparison , just one sixth ( 17 %) of those that hadn ’ t experienced an attack have already fully migrated to this approach .

76 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com