Connect with us

GRTech

Organizations Are Never The Same After Being Hit By Ransomware – Report

Published

on

Sophos, a global leader in next-generation cybersecurity, has announced the findings of its global survey, “Cybersecurity: The Human Challenge”, which reveals that organizations are never the same after being hit by ransomware.

In particular, the confidence of IT managers and their approach to battling cyberattacks differ significantly depending on whether or not their organization has been attacked by ransomware.

In the report, outsourcing IT security is already the norm, with 65% doing it in some capacity: 43% use a combination of in-house and outsourcing while 22% wholly outsource their IT security. The survey revealed regional variations. 

Top of the outsourcing list are China (76%), the UAE (74%), and Malaysia and Singapore (both 73%) where around three quarters of respondents already include outsourcing in their IT security delivery. 

However, at the other end of the scale, in Belgium (52%), France (54%) and Nigeria (54%) just over half of respondents are currently using third party security providers.

The global trend is for outsourcing to increase over the next two years, from the current 65% to almost three quarters (72%) in 2022. 

The biggest change will be in the percentage of organizations that exclusively use in-house staffing: this is set to drop from 34% to 26%. There will be increases both in the percentage that fully outsource their IT security and in those that use a combination of in-house and outsourced expertise

Flip back to part on ransomware, the report shows that IT managers at organizations hit by ransomware are nearly three times as likely to feel “significantly behind” when it comes to understanding cyberthreats, compared to their peers in organizations that were unaffected (17% versus 6%). 

More than one third (35%) of ransomware victims said that recruiting and retaining skilled IT security professionals was their single biggest challenge when it comes to cybersecurity, compared with just 19% of those who hadn’t been hit.  

When it comes to security focus, the survey found that ransomware victims spend proportionally less time on threat prevention (42.6%) and more time on response (27%) compared to those who haven’t been hit (49% and 22% respectively), diverting resources towards dealing with incidents rather than stopping them in the first place. 

“The difference in resource priorities could indicate that ransomware victims have more incidents to deal with overall. However, it could equally indicate that they are more alert to the complex, multi-stage nature of advanced attacks and therefore put greater resource into detecting and responding to the tell-tale signs that an attack is imminent,” said Chester Wisniewski, principal research scientist at Sophos.

The fact that ransomware attackers continue to evolve their tactics, techniques and procedures (TTPs) contributes to pressure on IT security teams, as evidenced by SophosLabs Uncut’s article, “Inside a New Ryuk Ransomware Attack”. The article deconstructs a recent attack involving Ryuk ransomware. Sophos incident responders found that the Ryuk attackers used updated versions of widely available and legitimate tools to compromise a targeted network and deploy ransomware.

Unusually, the attack progressed at great speed – within three and a half hours of an employee opening a malicious phishing email attachment, the attackers were already actively conducting network reconnaissance. Within 24 hours, the attackers had access to a domain controller and were preparing to launch Ryuk. 

“Our investigation of the recent Ryuk ransomware attack highlights what defenders are up against.  IT security teams need to be on full alert 24 hours a day, seven days a week and have a full grasp of the latest threat intelligence on attacker tools and behaviors.

The survey findings illustrate clearly the impact of these near-impossible demands. Among other things, those hit by ransomware were found to have severely undermined confidence in their own cyberthreat awareness.

However, their ransomware experiences also appear to have given them a greater appreciation of the importance of skilled cybersecurity professionals, as well as a sense of urgency about introducing human-led threat hunting to better understand and identify the latest attacker behavior,” said Wisniewski. “Whatever the reasons, it is clear that when it comes to security, an organization is never the same again after being hit by ransomware.”

The full report, “Inside a New Ryuk Ransomware Attack”, is available on SophosLabs Uncut, where Sophos researchers regularly publish their latest research and breakthrough findings, such as Maze leveraging Ragnar Locker. Threat researchers can follow SophosLabs Uncut in real time on Twitter at @SophosLabs

Continue Reading

GRTech

The Economics of Product Decisions: Applying Behavioural Economics and Game Theory in PM

Published

on

Amarachi Nnochiri
Amarachi Nnochiri

Product managers often need to make a clear-cut decision: what should we build next? But the decisions which hold real importance go beyond adding features.

It’s about getting what makes people tick.

It goes way beyond what you would expect, getting into how people behave and using game theory.

These areas give insight into how users decide and how a product’s design can improve growth and keep people interested.

This is what Amarachi Nnochiri excels at. She is a senior product manager that knows how to use economics and psychology in her job.

She goes beyond simply managing product tasks; she develops whole product systems based on how users think, feel, and use a service. Her background shows how understanding human psychology and behaviour can give you a significant advantage in the competition.

One idea Amarachi uses is  “loss aversion.” In this scenario, people feel worse about losing something than they feel good about gaining something of equal value.

She uses this when designing her products, mostly when it comes to pricing and getting people to try new strategies. For example, instead of giving a free trial, she might use a freemium setup where users get some stuff for free but could lose it if they don’t buy an upgrade. This pushes them to pay.

She might also use progress bars or streak counters, since losing progress gets people to keep using the product.

Amarachi also uses ideas from “game theory” to get how users act and change their behavior. She realizes that users are doing more than operating a product, but are playing a game with other users or with the product itself. She designs things that use ideas like “Nash equilibrium,” where nobody can do better by changing what they’re doing. For a social product, this could mean creating a system where doing something good for yourself (like inviting friends) also helps everyone else. This makes the whole thing stable and positive.

Her know-how in game theory also applies to making strong “network effects.” This means making stuff that gets better as more people use it.

A good example is a social network where each new user makes the product more helpful for everyone else. Amarachi endeavours to make things go viral on purpose, not just by luck.

She might use “commitment devices,” which are things that make a user stick with a behaviour by making them depend on it socially or functionally. For example, inviting team members to a tool makes the user stick with the platform and makes the product’s network stronger.

This way of thinking is better than just following the usual steps. By using these economic and psychological tricks, Amarachi develops competitive advantages which are difficult to replicate.

She knows that a company’s best thing is not just a simple interface, but a product that’s designed to sync with how people behave.

Her product choices aren’t just about the needs of users, but equally focus on motivating them to like the product, use it, and stick with it.

In her work, choosing a subscription price isn’t just a business thing; it’s about behaviour. Designing a social feed isn’t just about the content; it’s about balancing what people want and watching how they interact. Amarachi knows extensively about the economics of product decisions. This makes her products innovative and appealing to human behaviour, which leads to more use, keeps people around, and helps the product grow. She’s a leader in product management, where identifying customer desires is backed by understanding human motivation.

Continue Reading

GRTech

Glo reduces international call rates 

By Sandra Ani

Published

on

Glo and Globacom


Technology Company, Globacom, has announced significant reductions in its International Direct Dialing (IDD) rates, making international calls more affordable for its existing and new customers across Nigeria.

Effective August 10, the new rates began applying to over 15 popular international destinations, including United States which will has moved to ₦30 per minute, down from ₦35, United Kingdom is now N350 from ₦400, while India also moved down to ₦40 from N45.

The rates for China, Saudi Arabia and Cameroon however recorded major reduction moving to N75, N300 and ₦700 respectively.


The reduction was also extended to African countries including Benin Republic which goes for ₦650 per minute, Niger Republic ₦750, Ghana ₦500, and Togo ₦650. United Arab Emirates also moved from ₦450 to ₦325, Germany to ₦550, Côte d’Ivoire ₦700, Libya ₦700, while calls to Malawi is now N1,100 from ₦1,200.

Glo aims to provide more value for its customers through these revised rates, encouraging them to make Glo their preferred network for international calls. New IDD bundles will also be introduced, offering frequent international callers even more attractive deals.

Globacom, which remained optimistic that frequent international callers will benefit immensely from the reductions in IDD bundles, enjoined customers to take advantage of the new rates to stay connected with friends and business associates across the globe.

Continue Reading

GRTech

Oil subsidy removal freed up resources for infrastructure – Enugu Governor 

By Orji Israel, South East Correspondent

Published

on

Oil benchmark

The Executive Governor of Enugu State, Peter Mbah, has attributed the financing of numerous infrastructure projects embarked by the state government to the oil subsidy removal policy of the President Bola Ahmed Tinubu administration.

He made this declaration at the Govermment House, Enugu, during a courtesy visit by a delegation of federal government led by Minister of Information and National Orientation, Mohammed Idris, as part of activities lined up for the 2-day Citizens’ Engagement Series in the South East geo-political zone.

“For us in Enugu, we are able to accomplish all we promised our people during the campaign, thanks to the bold decision taken by President Bola Tinubu, which has freed up resources needed to execute humongous capital projects,” said Governor, while listing ongoing projects in the state, which include the construction of 7,000 classrooms, 3,300 hospital beds and 2,000-hectare of 260 farm estates across the 260 wards of the state.

Governor Mbah also pledged more support for the policies of the federal government, saying they are in the best interest of the people of the state.

Continue Reading

Trending