80% of executives will consider paying the ransom

October 20, 2021

A new Report, “Ransomware in Focus,” based on a survey of more than 250 Chief Information Security Officers (CISOs), cited ransomware as the #1 threat facing businesses and one of the primary CISO concerns for the next 12 months, with many believing an attack is inevitable. Fifty-three percent of respondents were hit in the past year, with 69% saying they’ll likely be successfully attacked at least once in the next year. Tthese percentages increase to 66% and 80%, respectively, when segmented for mid-sized organizations.

Ransomware in Focus uncovers the financial impact, buying decisions and business processes that these attacks have driven. The study was conducted by CISOs Connect, AimPoint Group and W2 Communications. “Since the start of 2020, criminals have been doubling down on ransomware, making it a mainstream issue impacting supply chains and business operations across industries,” stated Aimee Rhodes, CEO and Founder of CISOs Connect. “The good news is that CISOs are proactively taking steps to address these attacks. Their organizations’ ransomware concerns are acting as a catalyst to enable them to budget for new technologies and initiatives. But, challenges, as cited by the CISOs themselves, still exist. Our research indicates a number of areas that require increased and immediate attention.”

Ransomware Drives Budgeting Priorities

According to respondents, ransomware has been a driving force for gaining the CISO a seat in the board room. It has also informed priorities and buying decisions. Not surprisingly, data backup and recovery is considered by many CISOs to be the most important countermeasure for defending against ransomware, followed by technical controls and practices for addressing endpoint, email, and user vulnerabilities, where some of the greatest risks are found. In addition, the CISOs emphasized the importance of zero trust architectures as a critical defense. The research backed this sentiment, which showed network segmentation ranking as the top investment priority for the coming year.

While they are planning for these investments, the CISOs also indicated that challenges with existing solutions are standing in the way of greater progress. Difficulty implementing related tools and technologies and the availability of effective anti-ransomware solutions rank as the biggest obstacles. The global cybersecurity talent shortage and ‘other conflicting priorities’ also ranked high on CISOs lists of challenges. As noted in the report, this is an area where emerging approaches such as Managed Detection and Response (MDR) can offer important alternatives.

The Cost of An Attack

While paying the ransom remains controversial and is subject to rigorous internal debate, CISOs are equally concerned with the financial impact of restoring business operations. This is understandable when the total cost of an attack, including mitigation, recovery and possible payments, can total in the millions. According to respondents, there’s a 20% chance of paying more than $5 million and a 5 percent chance that the impact could be greater than $50 million.

Preparedness is Limited

Even with the knowledge that they are being targeted and that the costs, if hit, can be in the millions, most CISOs admit they are not prepared to make an actual ransom payment. Few indicate their organization has taken proactive steps like allocating a ransom budget, setting up a cryptocurrency account or retaining a third-party payment broker. However, fifty-five percent have taken the step to purchase ransomware insurance - the majority of whom are at larger organizations, again leaving smaller organizations more vulnerable.

Rhodes concluded: “Our data shows that while ransomware is driving a number of CISO initiatives and planning, many of the efforts may still be siloed. This creates certain areas of exposure, which could cause issues as these attacks continue to accelerate. Based on the CISOs’ feedback, many would benefit from a more holistic approach that prepares them to not only prevent and detect ransomware, but also for the possible financial impact.”

To access the complete report, please visit: https://securitycurrent.com/ransomware-in-focus/

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.