Survey Shows Companies Recovering Quicker from Ransomware Attacks Despite Rise in Frequency
November 2021 by Cymulate
Cymulate announced the results of a survey, revealing that despite the increase in the number of attacks this past year, overall victims suffered limited damage in both severity and duration. Research taken from nearly 900 enterprise professionals across 14 sectors worldwide highlighted that the majority of respondents undertook proactive measures to prevent the attack before it could cause any significant damage, and the vast majority of those even before it could cause any serious downtime. There was little difference in the size of organizations that ransomware targeted, affecting both large and small companies alike.
• More than half – whether previously hit by ransomware or not - don’t feel confident they can fend off a ransomware attack.
• One-third (28%) of organizations were hit by ransomware over the last few years.
o 23% of smaller business (between 1-1,000 employees) experienced a ransomware attack, 27% of mid-size (between 1,001-5,000) and 23% large enterprises (20,000+).
o Only 14% of respondents that experienced an attack were down for a week or more.
o 19% of the respondents experienced major damages and interruption to business or production and 26% reported that damages were relegated to a few systems.
• 70% report increased awareness of ransomware threats at boardroom level and business management level.
• Frequency of attacks is the highest in APAC, followed by Latin America, Africa and North America.
• All companies, regardless of size have a 1-in-4 chance of being hit by ransomware.
• Prior victims of ransomware are allocating more security budget (64%) and headcount (58%) than organizations not previously attacked. Non victims however are still allocating more security budget (55%) and headcount (37%).
• Most companies are creating new or modified incident response plans with between 43% (victims) to 46% (non-victims).
• Poor password discipline is still a major attack vector.
• Traditional security procedures/purchases were added because of ransomware
• 39% increased end-point detection and response (EDR) and 34% increased multi-factor authentication (MFA) in non-victims and 30% increased EDR in victims.
• 82% of the respondents are adopting offensive cybersecurity solutions.