In oneparochial survey, respondents shared their views and data on this and other experiences in experiencing ransomware attacks last year

In addition to the first few trends among respondents, the following statistics were noted:/p>

  • 63% of respondents indicated that their organizations’ backup and cyber teams “lacking synchronization”, and 61% of security professionals (and 75% of backup admins) indicated their belief that the teams needed either ‘significant improvement’ or “a complete system overhaul”.
  • 81% of respondents indicated their organization had paid the ransom to end an attack and recover data, with one-third still not able to recover the data as promised. Overall, more respondents had “paid, but could not recover (data)” than those that had “recovered (data) without paying”.
  • 65% of respondents whose organizations were covered by cyber insurance that covered ransom payments had chosen to use that coverage, while 21% had paid the ransom without making a claim. Ransoms paid averaged about 32% of the overall financial impact to respondents’ organizations after the payout, with 62% of the overall financial impact “in some way reclaimable” through insurance or other means, and everything else charged to the organizations’ bottom-dollar budget.
  • 2% of respondents indicated that their organizations lacked a pre-identified incident response team, and 3% had teams but without a playbook in place.
  • There was no significant variation indicated by respondents, between how much data was affected within the data center versus data within remote offices/branch offices or even on data hosted in a public or private cloud.
  • 63% of respondents indicated their organizations were at risk of reintroducing infections while recovering from ransomware attacks or significant IT disasters due to pressuree to restore IT operations quickly.
  • 75% of respondents indicated their organizations had implemented on-premises backup disks that can be hardened, and 85% had started utilizing cloud-storage with immutability capabilities.