Skip to main content

Businesses overconfident in their ability to deflect ransomware

(Image credit: Image Credit: WK1003Mike / Shutterstock )

IT leaders and managed service providers are well aware of the dangers posed by ransomware, but many believe it’s a tragedy that only befalls someone else, according to a new report from NinjaRMM and Coveware.

Polling IT professionals, the pair found that 86 percent consider ransomware a near existential threat. However, circa 40 percent ranked the threat to their own business as minimal, and a further 42 percent assessed the risk to their business as 3 out of 5.

This apparent overconfidence is reportedly based on changes to security posture, with the majority claiming to have followed the recommendations of security experts.

These measures include investing in back-up and configuration, enforcing multi-factor authentication across their organisation and purchasing extra security tools and services.

However, if tragedy were to strike, many businesses likely wouldn’t survive. According to the report, both managed service providers and internal IT departments could only shoulder up to $100,000 in damages, and more than half do not take out cyber-insurance.

However, the estimated total cost of a ransomware incident, in more than half of cases, is anywhere between $500,000 and $5 million.

A majority of MSPs expect to lose clients or business after ransomware-triggered downtime. Some reported losing half their customer base or more, highlighting the severity of the threat posed by this particular variety of cyberattack.

“Based on our analysis, business professionals should re-examine their security practices to ensure the business is protected not only at the endpoint level, but financially as well,” the report concludes.