Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.

A new study from ExtraHop shows a major discrepancy between perception versus reality — 77% of IT decision-makers (ITDMs) said they were very or completely confident in their company’s ability to prevent or mitigate cybersecurity threats, yet 64% admit that their own cybersecurity incidents are the result of their own outdated IT security plans.

When the pandemic hit and organizations switched to a work from home (WFH) model, many also took the opportunity to modernize their IT infrastructures, finally decommissioning old on-premises applications and replacing them with new SaaS applications or other solutions. Unfortunately, they didn’t modernize their protocol use — leading to some misplaced confidence. Sixty-nine percent are transmitting sensitive data over unencrypted HTTP connections instead of more secure HTTPS connections. Another 68% are still running SMBv1, the protocol that WannaCry and NotPetya ransomware variants use to infect corporate networks. 

The frequency of ransomware attacks over the past few years has only made this discrepancy worse. Eighty-five percent of companies are, on average, experiencing at least one ransomware attack per year, and 74% have experienced multiple attacks.

Pie graph. 15% of companies experienced no ransomware attacks. 55% experienced 1-5 attacks. 30% experienced 6 or more.

Another surprising takeaway: most companies admitted to paying the ransom when hit. Seventy-two percent of respondents admitted to paying a ransom, while 42% of companies that suffered a ransomware attack said they paid the ransom demanded most or all of the time.


MetaBeat 2022

MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.

Register Here

Despite this being discouraged by the FBI, many organizations choose to make the payment to minimize the cost, which includes business downtime and end-user downtime. 

The survey of 500 security and IT decision-makers in the U.S., U.K., France, and Germany was conducted by Wakefield Research and sponsored by ExtraHop. Survey participants came from a wide range of industries, including financial services, healthcare, manufacturing and retail, and worked at companies of varying sizes, including companies with annual revenue exceeding $50 million.

Read the full report by ExtraHop.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.