As an organisation that sees our relationships with channel partners as essential to our ability to react to customer needs, we’re constantly looking to find out what they think. That’s why we polled 164 channel partners across Europe in late 2017 to find out more about their customers’ cybersecurity woes. We then compared these findings with similar end-user research that we’d conducted over the course of the same year.
Ransomware has quickly become one of the largest threats out there for businesses, and it doesn’t look like it’s set to slow down anytime soon. A study by IBM Security found that it accounted for around 40% of all spam messages in 2016, and last year saw some really high profile attacks such as WannaCry and Petya which brought this issue into the public eye.
While we know from our customers just how big ransomware has become within the cyber attack landscape, we wanted to see whether this perception matches reality when it comes to what the channel are seeing.
There was plenty to agree on, with both channel and end-user organisations voting ransomware as the biggest security threat. 90% of EMEA businesses placed it as their top concern and 37% of channel partners also chose it as their number one threat.
The most striking finding, however, was the difference in opinion on what percentage of organisations had been attacked by ransomware. Whereas 48% of EMEA organisations admitted to being hit themselves, the majority of channel partners (54%) told us that less than 20% of their customers have been victims. 7% even report that none of their customers have been attacked by ransomware. Furthermore, while only 41% of organisations admitted being able to identify the source of the ransomware attack, more than half (51%) of the channel think their customers were always able to identify the cause.
We asked one of our channel partners, Barry Mattacott, Cyber Security Marketing Director at Nuvias Group, whether the research rings true for him:
“I agree with the research finding that ransomware is a highly significant threat. We need to accept that it’s everybody’s problem, not just big businesses and the NHS but organisations of every size, due to its indiscriminate ‘spray and pray’ propagation.
The survey highlighted an interesting misalignment between what people in the channel believe and what end users are actually admitting to experiencing. Perhaps the anonymity of a survey means that end users can more candidly express what they’re experiencing – something that they wouldn’t feel comfortable admitting to within general conversation.
These are interesting findings for the channel and rather than asking customers whether they’ve been a victim of an attempted ransomware attack, perhaps we should be making the assumption that they have, and proactively offer solutions that safeguard them against future attacks.”
This points to an opportunity for the channel to broaden their security conversations with customers, and ask different questions. Maybe customers are too embarrassed to give the full picture? Perhaps the channel are giving their customers too much credit when it comes to identifying and avoiding ransomware, given how high profile the threat has become over the last twelve months? Either way, these findings suggest that the channel might be missing out on the chance to deliver more security consulting and solution expertise.
Revenue opportunities abound for the channel, and if they want to add value they need to seize the opportunity, providing advice where possible and trying to avoid making assumptions. Partners can make themselves invaluable by asking the right questions, building the right relationships and ensuring their customers never feel judged.
This article was originally published here.