Only a third of businesses have taken out insurance against ransomware attacks
Almost one in six also reported having no disaster recovery plan in place


Only a third (35.8%) of businesses have insurance cover for ransomware attacks, despite it being one of the most common forms of cyber threat.
That's according to a survey of more than 820 organisations by Hornetsecurity, which shared the findings exclusively with IT Pro.
The findings show that one in five (21.1%) had fallen victim to a ransomware attack, while almost one in 10 (9.2%) were forced to pay the ransom to recover data after an attack. This comes just weeks after a Unit 42 report found that ransomware payments had increased 82% since 2020 to a record $570,000 in the first half of 2021.
Hornetsecurity's report also revealed that of those reporting ransomware, just under 12% of respondents were able to recover data through backups, although some data was still lost during this process. The report added that the rise in prevalence of ransomware has prompted 71.3% of organisations to reconsider the ways they back up their data.
The two most common forms of prevention were end-point detection software with anti-ransomware capabilities (75.6%), and email filtration and threat analysis (76.1%). However, it also found a comparably low uptake (47.8%) in the use of air-gapped, offsite storage, which is highly effective in recovering data.
Despite the rising threat of ransomware, Hornetsecurity found that education on how to prevent ransomware attacks can be lacking, and employees often believe in cyber security myths. More than a quarter (28.7%) of surveyed organisations do not provide training to end-users on how to recognise and handle potential ransomware threats, despite them being the easiest targets of social engineering techniques such as phishing.
RELATED RESOURCE
The best defence against ransomware
How ransomware is evolving and how to defend against it
Another 22.2% of those surveyed believe that Microsoft 365 data is immune to ransomware attacks, or stated that they don’t know whether it can be affected. This view can be dangerous for businesses: although notably secure, Microsoft 365 can fall victim to ransomware through malicious attachments sent via email or a potential system vulnerability.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Almost one in six (15.9%) of respondents also reported having no disaster recovery plan in place, making them unprepared to deal with a potential ransomware attack.
Hornetsecurity’s findings come days after CISA, the FBI, and the National Security Agency (NSA) released a joint Cybersecurity Advisory (CSA) warning organisations of increased threat of Conti attacks.
Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.
Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.
-
Everything you need to know about Sophos’ new partner program
News The vendor’s new channel initiative unifies the Sophos and Secureworks channel ecosystems to generate new partner opportunities
-
Researchers tested over 100 leading AI models on coding tasks — nearly half produced glaring security flaws
News AI models large and small were found to introduce cross-site scripting errors and seriously struggle with secure Java generation
-
The Scattered Spider ransomware group is infiltrating Slack and Microsoft Teams to target vulnerable employees
News The group is using new ransomware variants and new social engineering techniques - including sneaking into corporate teleconferences
-
Hackers breached a 158 year old company by guessing an employee password – experts say it’s a ‘pertinent reminder’ of the devastating impact of cyber crime
News A Panorama documentary exposed hackers' techniques and talked to the teams trying to tackle them
-
The ransomware boom shows no signs of letting up – and these groups are causing the most chaos
News Thousands of ransomware cases have already been posted on the dark web this year
-
Everything we know about the Ingram Micro cyber attack so far
News A cyber attack on Ingram Micro severely disrupted operations and has been claimed by the SafePay ransomware group.
-
A prolific ransomware group says it’s shutting down and giving out free decryption keys to victims – but cyber experts warn it's not exactly a 'gesture of goodwill'
News The Hunters International ransomware group is rebranding and switching tactics
-
Swiss government data published following supply chain attack – here’s what we know about the culprits
News Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
-
Ransomware victims are getting better at haggling with hackers
News While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker group
News An analysis of May's SQL database dump shows how much LockBit was really making