US Organisations Hit by Ransomware Forced To Pay 171% Increased Ransom in 2020
Cybersecurity Europe Industry voices

Less Than 1 in 4 Companies See Ransomware as Top Security Priority Finds Egress

Databarracks, the UK based disaster recovery, backup and business continuity solutions provider, suggests board directors are failing to take ransomware seriously enough.

The statement comes following a report by Egress that found only 23 per cent of company boards see ransomware as their top security priority, despite 59 per cent of businesses being hit by ransomware attacks. This is at odds with what cyber leaders think: according to a study by the World Economic Forum, 80 per cent see ransomware as a dangerous and evolving threat to public safety.

Barnaby Mote, managing director at Databarracks, said, “There remains a clear gap between how cyber experts and company directors view the threat, despite ransomware’s prevalence. If corporate leaders don’t increase focus on the problem, it’s an open goal for cybercriminals.”

The report also found 61 per cent of CISOs affected by ransomware refused to pay the ransom, and 80 per cent who hadn’t been impacted said they would refuse. This highlights the need for a pre-prepared response to ransomware attacks, as it is a much more complex process than simply refusing to pay.

Mote added: “Organisations that have never been hit by ransomware tend to be quite bullish about not paying up, but when they do get struck, paying the ransom becomes a much likelier course of action.

“This position is becoming increasingly untenable as fewer insurance companies cover the financial impact from ransomware and those that do either reduce coverage, raise prices or increase the requirements for cover.

“Therefore, if you want to confidently refuse a ransomware demand, you need to be prepared to recover your data yourself. This means having a watertight backup strategy in place.

“This shouldn’t just be the preserve of IT departments and cyber experts: it needs buy-in from the very top. Board directors must listen closely to their cyber colleagues and realise the days of ransomware being a secondary threat are over.”

He concluded: “Ultimately, boards must take control of the ransomware situation themselves to guarantee the organisation will survive an attack. In any attack there are two options – pay the ransom or recover your data. Make sure recovering data is the priority.”

Author

  • Francis is a journalist and our lead LatAm correspondent, with a BA in Classical Civilization, he has a specialist interest in North and South America.

Related posts

Saving Systems and Government Incentives Must Be Designed With Women in Mind; Survey Finds

Tyler Pathe

Fintech For Good: Fact or Fantasy? With Evidology Systems, TechAid, AVANA & REGO

Polly Jean Harrison

Verimi and Signicat Partner to Deliver Verified Digital Identity Solution

Jason Williams