Four of ten companies have confirmed they reduce security staff by as much as 70% on weekends and holidays.
The figures come from Cybereason’s latest report, based on a survey of more than 1200 cybersecurity professionals.
The new data suggests that attacks occurring on weekends and holidays result in higher costs and more significant revenue losses for organizations than attacks on weekdays.
This, according to Cybereason, is because ransomware attacks taking place on weekends and holidays typically catch companies off guard, resulting in longer investigation times and causing more significant damage.
“Ransomware actors tend to strike on holidays and weekends because they know companies’ human defenses often aren’t as robust at those times. It allows them to evade detection, do more damage, and steal more data as security teams scramble to mobilize a response,” said Cybereason CEO Lior Div.
In particular, the report indicates 34% of respondents said it took them longer to assemble incident response teams during holidays and weekends. Moreover, 37% said it took them longer to assess the scope of the attack, and 36% said it took them longer to stop and recover from the attack.
The figures went up for US organizations, with 44% of those surveyed saying it took them longer to assess and respond to a weekend or holiday ransomware attack, marking a 19% increase over results from last year’s survey.
Further, the Cybereason report also analyzed the impact of weekend and holiday ransomware attacks on security professionals’ personal lives, with 88% of respondents saying they missed a holiday or weekend celebration due to a ransomware attack.
“Disrupting cybersecurity professionals’ well-earned downtime and interfering with their personal lives takes a toll on their wellbeing, leads to burnout and causes some people to leave the field altogether,” Div added.
“The overall success cyber-criminals have attacking on holidays and weekends leads to them more aggressively targeting companies during these times as a way to further fuel their criminal empires.”
To limit the impact of such attacks, Cybereason recommends companies deploy endpoint detection and response technologies, implement a security awareness program among employees and ensure operating systems and other software are regularly updated.
The report’s publication comes days after the Australian government announced it was considering banning ransomware payments.