We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Ransomware attacks are on the rise globally as cybercriminals adopt more sophisticated tactics. The Federal Bureau of Investigation reported a 225% increase in total losses from ransomware in the United States in 2020. According to Cybersecurity Ventures, businesses are under attack every 11 seconds, on average, and damage losses are projected to reach $20 billion worldwide. Against this backdrop, the Cybereason Global Ransomware Study measured how much financial and reputational damage these attacks wreak on businesses.
Dealing with the aftermath of a ransomware attack can be complicated and costly. The vast majority of organizations experienced significant business impact due to ransomware attacks, including loss of revenue (66%), damage to the organization’s brand (53%), unplanned workforce reductions (29%), and even closure of the business altogether (25%).
After an organization experienced a ransomware attack, the top 5 solutions implemented included security awareness training (48%), security operations (SOC) (48%), endpoint protection (44%), data backup and recovery (43%), and email scanning (41%). The least deployed solutions post-attack included web scanning (40%), endpoint detection and response (EDR) and extended detection and response (XDR) technologies (38%), antivirus software (38%), mobile and SMS security solutions (36%), and managed security services provider (MSSP) or managed detection and response (MDR) provider (34%). Only 3% of respondents said they did not make any new security investments after a ransomware attack.
Cybereason’s study found that the majority of organizations that chose to pay ransom demands in the past were not immune to subsequent ransomware attacks, often by the same threat actors. In fact, 80% of organizations that paid the ransom were hit by a second attack, and almost half were hit by the same threat group.
This study offers insight into the business impact of ransomware attacks across key industry verticals and reveals data that can be leveraged to improve ransomware defenses. For example, after an organization experienced a ransomware attack, the top two solutions implemented included security awareness training (48%) and security operations (48%). This research underscores that prevention is the best strategy for managing ransomware risk and ensuring your organization does not fall victim to a ransomware attack in the first place.
1,263 cybersecurity professionals took part in the study commissioned by Cybereason and fielded by Censuswide, with participants in varying industries from the United States, United Kingdom, Spain, Germany, France, United Arab Emirates, and Singapore.
Read the full Cybereason Global Ransomware Study.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.