Report: Ransomware victims increase security budgets due to surge in attacks

Hear from CIOs, CTOs, and other C-level and senior execs on data and AI strategies at the Future of Work Summit this January 12, 2022. Learn more

As the end of 2021 approaches, there’s no doubt ransomware became a top cybersecurity concern across multiple industries.  Successful ransomware attacks like the Colonial Pipeline, which took down critical U.S. infrastructure, and Kaseya, which hit over 1,500 companies in a single attack, became a popular topic in the news.

Research conducted by Cymulate, however, shows that despite the increase in the number of attacks this past year, overall victims suffered limited damage in both severity and duration. Potential victims have improved their level of preparedness, with 70% reporting an increase of awareness at the boardroom and business management level. The majority (55%) undertook proactive measures to prevent ransomware attacks before they could cause any significant damage, and many of those respondents (38%) prevented attacks even before they could cause any serious downtime. Only 14% of respondents that experienced an attack were down for a week or more.

In addition to awareness, there have been four critical decisions found in the survey that have directly minimized damage and duration during ransomware attacks:

  1. Most have reported increases in budget and staff. Prior victims of ransomware are allocating more security budget (64%) and headcount (58%) than organizations not previously attacked. Non-victims, however, are still allocating more security budget (55%) and headcount (37%) than before.
  2. Most respondents are also changing their incident response plans to include ransomware attacks and have even run practice drills within their enterprises.
  3. Furthermore, they are investing more resources and implementing security solutions and procedures such as end-point detection, multifactor authentication (MFA), additional network segmentation, and improved backup mechanisms.
  4. Finally, there has been an increase in awareness and adoption of offensive cybersecurity testing practices.

However, despite these added cybersecurity measures, organizations still need to remain vigilant because all companies, regardless of size, have a one in four chance of being hit by ransomware.

The data from Cymulate’s report was gathered from nearly 900 enterprise professionals across 14 sectors worldwide.

Read the full report by Cymulate.

Originally appeared on: TheSpuzz