By this time, most IT and business professionals understand the ransomware threat and how it can affect their organization. There has been a significant increase in the incidence of malware and ransomware attacks in the last several years. Cybercriminals have expanded into exploiting vulnerabilities at SMBs more than ever. While the threat of ransomware is nothing new, the trend continues to evolve as the business grows and changes. Recently, Ransomware.com surveyed 500 IT professionals about their thoughts and experiences on ransomware in 2021. these are some of the more compelling results.
Graphic courtesy of ransomware.org
The first thing to point out is that 34% of companies surveyed have already experienced a ransomware event. Because of how prolific these attacks are, companies take the ransomware threat seriously. Here are some of the other results worthy of mention:
- 43% of respondents believe that their risk of a ransomware attack is the same in 2022 s it was in 2021, but 41% were worried that their risk was higher. This means that the vast majority of companies believe the threat is not only real but growing – and only 16% believe they have less chance of attack than in the past.
- When asked if ransomware was a serious and present threat to their business, 84% responded in the affirmative. 12% did not feel they needed to be worried about ransomware, and 4% saw the ransomware fear as “overhyped.”
- Approximately 40% of IT professionals felt that their C-suite executives were well informed about the threat of ransomware attacks, while nearly 17% were concerned that the leadership was not in the loop.Did You Know? A recent BitDefender study revealed that businesses lost up to half of their customer base after a major data breach, on average.
- In addition to the loss of clients and revenue, respondents reported adverse impacts on their operations (26%), and their reputation and customer loyalty levels (35% ) were the two areas most negatively affected by a cyber attack.
- Respondents have significantly different expectations of how long a ransomware attack will impact the business. While 29% felt it could be cleaned up in mere hours, 52% felt the situation would more likely be rectified within several days. However, these days, downtimes of any length can be financially catastrophic for SMBs.
- 31% of those who answered the survey felt that their companies had a working knowledge of the ransomware threat, and only 8% struggled to get their companies to listen to their concerns.
- The majority of companies rate their firm’s preparedness in this area as either a 6 or 7 out of 10. Further, 80% of respondents rated their current level of protection against ransomware as at least a 6. While many feel their data is attack-proof, having an attitude of constant vigilance and maintenance of these plans is paramount.
- Only 4% of respondents reported no disaster recovery plan was in place. The rest of the companies had some form of plan in place, even if it needed updating or documentation. However, 40% of those with a plan say that it is not regularly updated – a potentially serious vulnerability that cyber criminals could exploit.
Finally, when asked how many hours were spent per month on ransomware attack preparedness, threat hunting and discovery, or incident response, 60% said less than 4 hours. This is not due to a lack of awareness but because IT professionals have a lot on their plate daily. Hiring a managed service firm to both monitor your network and handle incident response is a prudent way to ensure that your company is prepared for anything.
Alliance IT is a managed services and security firm based in Sarasota.
