Most Organizations Admit to Being Ransomware Attack Victims, Pay Ransom

Most organizations' backup and recovery plans don't provide protection against ransomware.

Edward Gately, Senior News Editor

October 19, 2021


Nearly two out of three companies recently surveyed admit to being ransomware attack victims in the last 12 months.

That’s according to ThycoticCentrify’s new report, “2021 State of Ransomware Survey & Report: Preventing and Mitigating the Skyrocketing Costs and Impacts of Ransomware Attacks.” It’s based on survey responses from 300 U.S.-based IT business decision makers.

The report further reveals that more than four out of five respondents who were ransomware attack victims felt they had no choice but to pay ransom demands to restore their data.


Joseph Carson is ThycoticCentrify’s chief security scientist and advisory CISO.

“We were surprised that so many organizations are paying the ransom,” he said. “This means that most organizations’ backup and recovery plan does not provide protection against ransomware.”

Other Findings

Other report highlights include:

  • Seventy-two percent have seen cybersecurity budgets increase due to ransomware threats.

  • Ninety-three percent are allocating special budget to fight ransomware threats.

  • One-half said they experienced loss of revenue and reputational damage from an attack.

  • Forty-two percent indicated they had lost customers as a result of an attack.

“We found that both budgets are increasing and so is the priority of incident response,” Carson said. “However, organizations must be proactive against ransomware rather than increasing budget only after becoming a victim.”

It’s more important than ever for businesses to prioritize creating an incident response plan to avoid being added to the growing list of organizations that have paid the ransom demand, according to ThycoticCentrify.

Moreover, while increasing cybersecurity budgets for network and cloud security solutions, organizations must also understand and prioritize the requirements for preventing exploit escalation with privileged access management (PAM) security that enforces least privileged access.

And finally, preventing ransomware attacks by practicing basic cybersecurity hygiene is essential. That includes regular backups, timely patching, multifactor authentication (MFA) and password protection. PAM policies that make least privileged access a priority enable security teams to identify the attack entry point, understand what happened, help remediate and ultimately protect restored data.

“I believe many excellent resources are available that provide clear direction and best practices on how to reduce the risks and become more resilient to ransomware attacks,” Carson said. “This includes the recommendations within this report. However, organizations must act now and not wait until after an incident occurs.”


About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.
