In oneparochial survey, respondents shared their views and data on this and other experiences in experiencing ransomware attacks last year

In an early-2024 survey of 1,200* “unbiased IT leaders (CISO, security professional or backup administrator)” whose organizations had suffered at least one cyberattack in 2023 on their ransomware incidents, several trends were summarized for disclosure.

First, for the respondents, ransomware remained an ongoing threat and was the largest single cause of IT outages and downtime, with 41% of their data compromised during a cyberattack. An average of 57% of the compromised data was recovered.

Second, 45% of respondents reported heightened pressure on IT and security teams; 26% indicated suffering a loss of productivity, and 25% indicated experiencing disruptions to internal or customer-related services. In terms of working conditions, 45% of respondents cited increased post-attack workload, while 40% reported “heightened stress levels” and other personal challenges that were “difficult to mitigate on ‘normal’ days”.

Other key findings

In addition to the first few trends among respondents, the following statistics were noted:/p>

  • 63% of respondents indicated that their organizations’ backup and cyber teams “lacking synchronization”, and 61% of security professionals (and 75% of backup admins) indicated their belief that the teams needed either ‘significant improvement’ or “a complete system overhaul”.
  • 81% of respondents indicated their organization had paid the ransom to end an attack and recover data, with one-third still not able to recover the data as promised. Overall, more respondents had “paid, but could not recover (data)” than those that had “recovered (data) without paying”.
  • 65% of respondents whose organizations were covered by cyber insurance that covered ransom payments had chosen to use that coverage, while 21% had paid the ransom without making a claim. Ransoms paid averaged about 32% of the overall financial impact to respondents’ organizations after the payout, with 62% of the overall financial impact “in some way reclaimable” through insurance or other means, and everything else charged to the organizations’ bottom-dollar budget.
  • 2% of respondents indicated that their organizations lacked a pre-identified incident response team, and 3% had teams but without a playbook in place.
  • There was no significant variation indicated by respondents, between how much data was affected within the data center versus data within remote offices/branch offices or even on data hosted in a public or private cloud.
  • 63% of respondents indicated their organizations were at risk of reintroducing infections while recovering from ransomware attacks or significant IT disasters due to pressuree to restore IT operations quickly.
  • 75% of respondents indicated their organizations had implemented on-premises backup disks that can be hardened, and 85% had started utilizing cloud-storage with immutability capabilities.

According to Dave Russell, Senior Vice President, Head of Strategy, Veeam, the firm that commissioned the yearly survey: “Ransomware attacks will continue, be more severe than predicted, and the overall impact will cost organizations more than they expect… By aligning teams and bolstering cybersecurity with immutable backups, they can protect their valuable business data…”

*The survey report does not contain data on the respondents’ geographical or industry profiles, and an email address is supplied for further enquiries