IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Almost 70% of CISOs expect a ransomware attack

Many companies are willing to make ransomware payments in the face of the growing threat

Fears over ransomware attacks are worsening, according to a survey of CISOs released this week. 

Security knowledge-sharing group CISOs Connect surveyed its CISO members for the Ransomware in Focus report, quizzing them on their ransomware experiences. They represented companies of all sizes. 

The survey responses indicated that the ransomware problem will get worse before it gets better. Of the CISOs surveyed, 69% expect to be hit by a ransomware attack in the coming year, up from 53% who were hit with ransomware attacks last year. 

The survey also showed that even companies hit by a ransomware attack aren't that good at plugging holes in their defenses, with almost a quarter (23.8%) reporting they were hit multiple times last year. 

Midsize companies are a more likely target, with companies employing 1,000 to 4,999 people suffering the highest rate of attacks at 67.5%. Companies employing 10,000 to 25,000 people suffered the next highest rate at 62.2%. 

Smaller companies were less likely to be hit, but the odds were still high, as 20% of organizations employing fewer than 100 people suffered an attack. 

Manufacturing was the highest-hit sector, with 81.3% of respondents in that sector getting hit, followed by telecoms and technology at 79.3%. Professional services suffered the lowest rate of attacks at a still-concerning 43.5%. 

Ransomware payments are one of the least concerning things for CISOs when considering attacks. The hard cost of paying the ransom was the second-last concern among 11 issues raised. Instead, they're primarily worried about sensitive data exposure, followed by the cost of returning to normal operations, and the potential loss of revenue from disruption. 

Payment figures bear this out, with 65% of companies that suffered a successful attack paying the ransom. Only 55% of those payers got all their data back. Most of the rest only got some of their data. 

In spite of the low success rate, many companies would still pay up. The survey found 35.6% likely to pay a ransom if they were hit in the next year, with another 25% reporting a 50-50 chance that they'd hand over the money. 

Related Resource

2021 state of email security report: Ransomware on the rise

Securing the enterprise in the COVID world

2021 state of email security report: Ransomware on the rise - whitepaper from MimecastFree download

Some companies (15%) have even prepared a Bitcoin reserve for such an event, while another 17% retained a cryptocurrency broker that could access digital coins if necessary. 

Just over seven in ten organizations had an incident response plan to cope with a ransomware attack. One surprising statistic from the report was only 60.7% of respondents felt they had good data backup and recovery technology. Another 23.5% had some solution but wanted an upgrade, while 14.2% of organizations had no backup solution at all but plan to add one, and 1.6% had no plans to add one. 

Featured Resources

The 3D skills report

Add 3D skills to your creative toolkits and play a sizeable role in the digital future

Free Download

The increasing need for environmental intelligence solutions

How sustainability has become a major business priority and is continuing to grow in importance

Free Download

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

Solve global challenges with machine learning

Tackling our word's hardest problems with ML

Free Download

Recommended

Threat hunting for MSPs
Whitepaper

Threat hunting for MSPs

10 Jan 2023
IBM LinuxONE for dummies
Whitepaper

IBM LinuxONE for dummies

4 Jan 2023
Six myths of SIEM
Whitepaper

Six myths of SIEM

3 Jan 2023
Storage's role in addressing the challenges of ensuring cyber resilience
Whitepaper

Storage's role in addressing the challenges of ensuring cyber resilience

3 Jan 2023

Most Popular

Dutch hacker steals data from virtually entire population of Austria
data breaches

Dutch hacker steals data from virtually entire population of Austria

26 Jan 2023
European partners expect growth this year, here are three ways they will achieve it
Sponsored

European partners expect growth this year, here are three ways they will achieve it

17 Jan 2023
GTA V vulnerability exposes PC users to partial remote code execution attacks
vulnerability

GTA V vulnerability exposes PC users to partial remote code execution attacks

23 Jan 2023