The 2017 Ransomware Report, a comprehensive study produced in partnership with D3 Security, was published on September 26. The report compiles survey answers collected by Crowd Research Partners from over 500 cybersecurity professionals to create a complete picture of ransomware in 2017, including how it is impacting organizations, and what they’re doing to combat it.
You can download the entire report from our Resource Library, but in this post, we’ll take a quick look at three major themes in the survey results.
It should be no surprise to anyone who has followed cybersecurity news this year that ransomware is considered the fastest growing security threat. 80% of survey respondents see ransomware as a moderate or extreme threat, with 75% expecting the threat to grow over the next year. Compounding the potential risk is the likelihood of being targeted again and again. 65% of the organizations that were targeted in the past year experienced multiple attacks.
Despite the clear risk that ransomware presents, many organizations are not adequately prepared to protect themselves. 60% of respondents had moderate or lower confidence in their organization’s ransomware defense. While a majority of organizations have a training program for protecting against ransomware, 40% still don’t have an incident response team in place to detect and contain attacks.
Over 50% of respondents said a lack of budget was one of the biggest obstacles to improving defense—while also citing the evolving sophistication of attacks and a lack of human resources for IT security as major issues. There is some reason to hope improvements are coming, however, as 60% expect their budget to increase in the next year.
Major ransomware outbreaks throughout 2017 have demonstrated how devastating an attack can be, and the report illustrates how high the stakes are for many organizations. More than half of the respondents said financial data, customer information, employee information, and company IP were all at significant risk from ransomware attacks. For those who have already been hit, ransomware attacks had adverse impacts across both business and IT security concerns, including the change of their security strategy (49%), increased spending on security (41%), system downtime (41%), productivity loss (39%), and data loss (30%).
If ransomware hasn’t already touched your organization, it’s likely to in the near future. If you’re like 77% of survey respondents, who said they were not at all likely to pay the ransom to recover their files, then you need to make sure you know the risks, likely methods of attack, and the best prevention strategies. The 2017 Ransomware Report is your best way to get an understanding of the ransomware landscape, and what other cybersecurity professionals are doing to protect their organizations. You can download the report for free from our Resource Library.
D3 provides full-lifecycle incident response solutions that help some of the world’s largest companies mitigate the damage of ransomware and any other cyberattacks. Schedule a demo to learn more about how we can be part of your ransomware readiness solution.