Almost 70% of CISOs expect a ransomware attack

Fears over ransomware attacks are worsening, according to a survey of CISOs released this week.

Security knowledge-sharing group CISOs Connect surveyed its CISO members for the Ransomware in Focus report, quizzing them on their ransomware experiences. They represented companies of all sizes.

The survey responses indicated that the ransomware problem will get worse before it gets better. Of the CISOs surveyed, 69% expect to be hit by a ransomware attack in the coming year, up from 53% who were hit with ransomware attacks last year.

The survey also showed that even companies hit by a ransomware attack aren't that good at plugging holes in their defenses, with almost a quarter (23.8%) reporting they were hit multiple times last year.

Midsize companies are a more likely target, with companies employing 1,000 to 4,999 people suffering the highest rate of attacks at 67.5%. Companies employing 10,000 to 25,000 people suffered the next highest rate at 62.2%.

Smaller companies were less likely to be hit, but the odds were still high, as 20% of organizations employing fewer than 100 people suffered an attack.

Manufacturing was the highest-hit sector, with 81.3% of respondents in that sector getting hit, followed by telecoms and technology at 79.3%. Professional services suffered the lowest rate of attacks at a still-concerning 43.5%.

Ransomware payments are one of the least concerning things for CISOs when considering attacks. The hard cost of paying the ransom was the second-last concern among 11 issues raised. Instead, they're primarily worried about sensitive data exposure, followed by the cost of returning to normal operations, and the potential loss of revenue from disruption.

Payment figures bear this out, with 65% of companies that suffered a successful attack paying the ransom. Only 55% of those payers got all their data back. Most of the rest only got some of their data.

In spite of the low success rate, many companies would still pay up. The survey found 35.6% likely to pay a ransom if they were hit in the next year, with another 25% reporting a 50-50 chance that they'd hand over the money.

Some companies (15%) have even prepared a Bitcoin reserve for such an event, while another 17% retained a cryptocurrency broker that could access digital coins if necessary.

Just over seven in ten organizations had an incident response plan to cope with a ransomware attack. One surprising statistic from the report was only 60.7% of respondents felt they had good data backup and recovery technology. Another 23.5% had some solution but wanted an upgrade, while 14.2% of organizations had no backup solution at all but plan to add one, and 1.6% had no plans to add one.