Jump to content
  • Cybereason: 80% of orgs that paid the ransom were hit again

    aum

    • 433 views
    • 3 minutes
     Share


    • 433 views
    • 3 minutes

    Cybereason: 80% of orgs that paid the ransom were hit again

     

    Ransomware attacks are on the rise globally as cybercriminals adopt more sophisticated tactics. The Federal Bureau of Investigation reported a 225% increase in total losses from ransomware in the United States in 2020. According to Cybersecurity Ventures, businesses are under attack every 11 seconds, on average, and damage losses are projected to reach $20 billion worldwide. Against this backdrop, the Cybereason Global Ransomware Study measured how much financial and reputational damage these attacks wreak on businesses.

     

    Dealing with the aftermath of a ransomware attack can be complicated and costly. The vast majority of organizations experienced significant business impact due to ransomware attacks, including loss of revenue (66%), damage to the organization’s brand (53%), unplanned workforce reductions (29%), and even closure of the business altogether (25%).

     

    graph-image-01.jpg?w=700&resize=700,258&

    Above: This table provides a side-by-side comparison of which solutions were in place that may have protected organizations from a ransomware attack and the investments made by organizations after an attack.

    Image Credit: Cybearson

     

    After an organization experienced a ransomware attack, the top 5 solutions implemented included security awareness training (48%), security operations (SOC) (48%), endpoint protection (44%), data backup and recovery (43%), and email scanning (41%). The least deployed solutions post-attack included web scanning (40%), endpoint detection and response (EDR) and extended detection and response (XDR) technologies (38%), antivirus software (38%), mobile and SMS security solutions (36%), and managed security services provider (MSSP) or managed detection and response (MDR) provider (34%). Only 3% of respondents said they did not make any new security investments after a ransomware attack.

     

    Cybereason’s study found that the majority of organizations that chose to pay ransom demands in the past were not immune to subsequent ransomware attacks, often by the same threat actors. In fact, 80% of organizations that paid the ransom were hit by a second attack, and almost half were hit by the same threat group.

     

    This study offers insight into the business impact of ransomware attacks across key industry verticals and reveals data that can be leveraged to improve ransomware defenses. For example, after an organization experienced a ransomware attack, the top two solutions implemented included security awareness training (48%) and security operations (48%). This research underscores that prevention is the best strategy for managing ransomware risk and ensuring your organization does not fall victim to a ransomware attack in the first place.

     

    1,263 cybersecurity professionals took part in the study commissioned by Cybereason and fielded by Censuswide, with participants in varying industries from the United States, United Kingdom, Spain, Germany, France, United Arab Emirates, and Singapore.

     

    Source

     

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...