Skip to main content

Businesses are far more confident in their ransomware protections than they should be

(Image credit: Image Credit: WK1003Mike / Shutterstock )

Many UK businesses suffer from an inappropriate sense of confidence when it comes to shielding against ransomware, new data suggests.

According to a report from security company Adarma, based on a survey of 500 C-level executives, there is a "major disconnect" between the perceived level of protection and the reality of the situation.

The good news is that almost all respondents (94 percent) are quite concerned about the ransomware threat. This comes as little surprise, given that the majority (58 percent) experienced such an attack in the last 12 months.

However, on the other hand, 95 percent are confident in their ability to effectively respond to ransomware attacks, while 22 percent don’t even have an incident response plan set up.

Of those that admitted to suffering a ransomware attack, two-thirds (67 percent) paid the ransom, which runs counter to best-practice advice.

What's more, many businesses are unclear about who is accountable for the failure to defend against attacks. Almost half (48 percent) would blame the IT security team, while a third (33 percent) would point towards the CEO or board of directors. A fifth (19 percent), meanwhile, say the employee that enabled the ransomware attack by downloading the malware (opens in new tab) should be held responsible. 

“Ransomware is at epidemic levels and there is a disconnect between organisations’ confidence in their levels of preparedness in the face of an attack and what we are seeing on the ground," said John Maynard, Adarma CEO.

“It is critical that we reduce the attack surface, harden our systems, deploy preventive and detective controls, and implement a well thought out incident response plan that extends beyond just the technical requirements.”

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.