Ransomware: Are Organisations Overconfident yet Underprepared?

Over the last two years, ransomware has posed an unprecedented danger to enterprises, causing significant harm.

As they operate from a more sophisticated and congested field, cyber adversaries’ tactics and capabilities have evolved at a dizzying pace, embracing double, and even triple, extortion schemes.

It is undeniable that today’s corporate executives are more aware of the ransomware problem. Despite this, recent statistics from industry veterans Crowdstrike – which predicts an 82 percent increase in ransomware-related data thefts by 2021 – and Adarma – which claims that 58 percent of significant UK organizations have been hit by ransomware – are depressing.

Despite this, there is troubling evidence of a disconnect between the 96 percent of businesses that say they are confident in their ability to defend against ransomware attacks and the reality of increased assault likelihood and actual breaches on the ground.

With a quarter of major corporations admitting they don’t even have a cyber incident response strategy in place, we wonder if today’s businesses are dangerously overconfident while also being woefully underprepared.

Furthermore, with two-thirds of the corporations attacked in the UK confessing to paying a ransom, we wonder if this confirms that payment as a solution – despite its numerous ethical and financial ramifications – has become standard practice.