Most businesses are still painfully ill-prepared for a ransomware attack, with many suffering from misplaced confidence in their cybersecurity posture.

This is according to a new report from email security and cyber-resilience company Mimecast, based on a survey of 700 cybersecurity professionals worldwide. It states that fewer than half (45 percent) have file backups that would allow them to avoid paying the ransom, or enough budget to fund state-of-the-art data security systems.

Many of the executives surveyed also said their organization would benefit from more frequent security awareness training for end-users, as well as greater sharing of threat data. In short, there’s plenty of room for improvement, and it shows.

Over the past two years, 80 percent of enterprises experienced an average of 3,000 attacks, mostly via phishing emails, web security flaws, and email-borne ransomware. Two in five (39 percent), meanwhile, ended up paying a ransom fee to a threat actor.

At the same time, the majority of executives (77 percent) are confident in their organization’s ability to prevent, or mitigate, a ransomware attack. More than four in five (83 percent) believe they can get all of their data back without paying the ransom, while 77 percent believe they can bring the company back to full capacity within five days.

“Ransomware attacks have never been more common, and threat actors are improving each day in terms of their sophistication and ease of deployment,” said Jonathan Miles, Head of Strategic Intelligence & Security Research.

“Preparation is key in combating these attacks. It’s great to see cybersecurity leaders feel prepared, but they must continue to be proactive and work to improve processes. This report clearly shows ransomware attacks pay, which gives cybercriminals no incentive to slow down.”