Ransomware: The True Cost To Business

The leading  cyber security firm Cybereason has announced the results of its third annual ransomware study, commissioned to better understand the true impact of ransomware to businesses. This global study reveals ransomware attacks are becoming more frequent, effective and sophisticated.

The Report Ransomware: The True Cost to Business 2024 reveals that of the organisations who opted to pay a ransom in return for their encrypted systems, only 47 percent received their data and solutions back uncorrupted.

Key Findings:

  • 56 percent of organisations surveyed suffered more than one ransomware attack in the last 24 months.
  • It still ‘doesn’t pay to pay’ as almost 80 percent of organisations who paid the ransom were hit a second time.
  • 82 percent were hit again within a year.
  •  63 percent were asked to pay again 

These findings emphasise why it does not pay to pay ransomware attackers, and organisations should instead focus on detection and prevention tactics to end ransomware attacks before material damage occurs.

Cybereason Global Field CISO Greg Day says this year’s research shows that, while most businesses have a ransomware strategy in place, many are incomplete. “They’re either missing a documented plan, or the right people to execute it. As a result, we see that many organisations are paying the ransom.... Likewise whilst many have cyber insurance, too many simply don’t know if, or to what degree it covers them for ransomware attacks. This is problematic on several levels. It’s no guarantee that attackers won’t sell your data on the black market, that you’ll even get your full files and systems back, or that you won’t be attacked again.” 

Other Findings:

Attackers are evolving and the supply chain shows weakness  -  56 percent didn’t detect a breach for 3-12 months, with 41 percent of the attackers getting in via a supply chain partner. 

Attacker demands increase at every stage -  78 percent were breached a second time, with 63 percent being asked to pay more. 

The true cost is staggering  -  46 percent estimate total business losses of $1-10 million and 16 percent estimate total business losses of over $10 million. Not to mention the loss of revenue, brand damage and layoffs that followed. 

Businesses don’t have the right tools  -  Less than half said their businesses are adequately prepared for the next attack. Whilst 87 percent of organisations increased spend, only 41 percent feel they have the right people and plans in place to manage the next attack.
 
Based on Cybereason's research and their unique capabilities threat protection, it seems clear that in the case of Ransom attacks, prevention is a whole let better than remediation. 

Image: Andrea Piacquadio

You Might Also Read: 

Bridging The Gap Between Cybersecurity & Business Goals:

DIRECTORY OF SUPPLIERS - Ransomware Protection:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Harnessing Predictive Analytics In Cybersecurity
Gender Diversity In The Technology Sector »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Mimecast

Mimecast

Mimecast delivers cloud-based email management for Microsoft Exchange and Microsoft Office 365 including archiving, continuity and security.

Forcepoint

Forcepoint

Forcepoint provide a unified, cloud-centric platform that safeguards users, networks and data while eliminating the inefficiencies of managing multiple point security products.

Resilience First

Resilience First

Resilience First is a not-for-profit organisation, led and funded by business to strengthen collective business resilience in all areas, including cyber security.

Tesorion

Tesorion

Tesorion is a fusion of different enterprises each with its own specialisation in the field of cybersecurity. We have combined these specialisations to create an integrated comprehensive solution.

WiSecure Technologies

WiSecure Technologies

WiSecure Technologies aims to develop cryptographic products meeting requirements in the new economic era.

Cyber Resilience

Cyber Resilience

Cyber Resilience offer an intensive program designed to help you create strategies to quickly become cyber resilient and to manage cyber risks in a measurable and predictable way.

Early Birds

Early Birds

Early Birds is a Business to Business (B2B) marketplace for Innovators (Startups/Scaleups) and Early Adopters to exchange value early on.

Nexor

Nexor

Nexor are a UK-based cyber security company with 30 years' experience in secure information exchange.

endpointX

endpointX

endpointX is a preventative cyber security company. We help companies minimize their risk of breach by improving cyber hygiene.

Firesand

Firesand

Based in Milton Keynes, Firesand Ltd provides penetration testing services to improve your cyber security and protect your company against hackers.

Anura

Anura

The world’s most accurate ad fraud solution protects your web assets by eliminating bots, malware and human fraud, ensuring your content is seen by real people.

Somos

Somos

From voice to messaging to fraud prevention and beyond, Somos are committed to developing innovative solutions that ensure that our ability to maintain trustworthy connections never stops.

StealthMole

StealthMole

StealthMole is a deep and dark web threat intelligence company that delivers a cloud-based, unified platform for digital investigation, risk assessment, and threat monitoring.

IT-Schulungen.com / New Elements GmbH

IT-Schulungen.com / New Elements GmbH

Under the name IT-Schulungen.com, the Nuremberg-based New Elements GmbH has been operating one of the largest training centres in the German-speaking world for over 20 years.

Backblaze

Backblaze

The Backblaze Storage Cloud provides a foundation for businesses, developers, IT professionals, and individuals to build applications, host content, manage media, back up and archive data, and more.

KTrust

KTrust

KTrust provides Continuous Threat Exposure Management for Kubernetes environments.