Ransomware: The True Cost To Business

The leading  cyber security firm Cybereason has announced the results of its third annual ransomware study, commissioned to better understand the true impact of ransomware to businesses. This global study reveals ransomware attacks are becoming more frequent, effective and sophisticated.

The Report Ransomware: The True Cost to Business 2024 reveals that of the organisations who opted to pay a ransom in return for their encrypted systems, only 47 percent received their data and solutions back uncorrupted.

Key Findings:

  • 56 percent of organisations surveyed suffered more than one ransomware attack in the last 24 months.
  • It still ‘doesn’t pay to pay’ as almost 80 percent of organisations who paid the ransom were hit a second time.
  • 82 percent were hit again within a year.
  •  63 percent were asked to pay again 

These findings emphasise why it does not pay to pay ransomware attackers, and organisations should instead focus on detection and prevention tactics to end ransomware attacks before material damage occurs.

Cybereason Global Field CISO Greg Day says this year’s research shows that, while most businesses have a ransomware strategy in place, many are incomplete. “They’re either missing a documented plan, or the right people to execute it. As a result, we see that many organisations are paying the ransom.... Likewise whilst many have cyber insurance, too many simply don’t know if, or to what degree it covers them for ransomware attacks. This is problematic on several levels. It’s no guarantee that attackers won’t sell your data on the black market, that you’ll even get your full files and systems back, or that you won’t be attacked again.” 

Other Findings:

Attackers are evolving and the supply chain shows weakness  -  56 percent didn’t detect a breach for 3-12 months, with 41 percent of the attackers getting in via a supply chain partner. 

Attacker demands increase at every stage -  78 percent were breached a second time, with 63 percent being asked to pay more. 

The true cost is staggering  -  46 percent estimate total business losses of $1-10 million and 16 percent estimate total business losses of over $10 million. Not to mention the loss of revenue, brand damage and layoffs that followed. 

Businesses don’t have the right tools  -  Less than half said their businesses are adequately prepared for the next attack. Whilst 87 percent of organisations increased spend, only 41 percent feel they have the right people and plans in place to manage the next attack.
 
Based on Cybereason's research and their unique capabilities threat protection, it seems clear that in the case of Ransom attacks, prevention is a whole let better than remediation. 

Image: Andrea Piacquadio

You Might Also Read: 

Bridging The Gap Between Cybersecurity & Business Goals:

DIRECTORY OF SUPPLIERS - Ransomware Protection:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Harnessing Predictive Analytics In Cybersecurity
Gender Diversity In The Technology Sector »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Xcitium

Xcitium

Xcitium (formerly Comodo) is and industry leading provider of state-of-the-art endpoint protection solutions. Our Zero threat platform isolates and removes all ransomware & malware infectictions.

Communications Security Establishment (CSE)

Communications Security Establishment (CSE)

CSE is Canada's national cryptologic agency, providing the Government of Canada with IT Security and foreign signals intelligence (SIGINT) services.

Center for Identity - University of Texas at Austin

Center for Identity - University of Texas at Austin

The mission of the Center is to deliver the highest-quality discoveries, applications, education, and outreach for excellence in identity management, privacy, and security.

ICS2

ICS2

ICS² is the first cyber security company focusing on protecting the control system of power, oil, gas, and petrochemicals plants.

Fischer Identity

Fischer Identity

Fischer Identity provide identity & access management and identity governance administration solutions.

OurCrowd

OurCrowd

OurCrowd is a leading equity crowdfunding platform for investing in global startups.

Palantir

Palantir

Palantir software empowers entire organizations to answer complex questions quickly by bringing the right data to the people who need it.

Enso Security

Enso Security

Enso is the first Application Security Posture Management (ASPM) solution, helping security teams everywhere eliminate their AppSec chaos with application discovery, classification and management.

Athreon

Athreon

Athreon utilizes a fusion of AI technology, human interpretation, and the latest in cybersecurity to deliver sound business solutions that help our clients make better data-driven decisions.

NTT Group

NTT Group

NTT offers agile, scalable technology services to bring it all together seamlessly, securely, and sustainably. We help you adopt a holistic security approach across your network, clouds, applications.

CatchProbe Intelligence Technologies

CatchProbe Intelligence Technologies

CatchProbe provides actionable web intelligence, OSINT, deception systems, threat intelligence, and digital crime analytics solutions and products through an AI-Driven intelligence platform.

KnoTra Global

KnoTra Global

KnoTra Global is a next-generation Managed Service provider with a portfolio of services including Cybersecurity Solutions, Network Management, IT Leadership, and Day-to-Day Helpdesk and IT services.

LetsData

LetsData

LetsData uses AI to provide governments, intergovernmental organizations, civil society, and businesses with data-empowered decisions on communication in the age of online disinformation.

QPoint Technologies

QPoint Technologies

QPoint provides solutions and consulting in areas including software engineering, testing, cybersecurity, ICT, web, mobile, project management, and complex integration processes.

Focus Group

Focus Group

Focus Group are one of the UK’s leading independent providers of essential business technology. Here to take care of all your telecoms, IT and connectivity services.

Cyber Grant

Cyber Grant

Cyber Grant excel in designing cybersecurity solutions for data protection. Our approach and vision, centered on ease-of-use, establish us as a benchmark in the industry for safeguarding information.