Organisations underestimate ransomware threat

Organisations remain overconfident in their ability to respond to ransomware attacks, according to the results of a new survey published by Fortinet.

The survey indicates that while 78% of organisations felt prepared for ransomware attacks, half of respondents still fell victim to them.

Meanwhile, despite 72% of organisations detecting a ransomware incident within hours, almost three-quarters of victims are still making some form of ransomware payment.

Organisations in the manufacturing sector received higher ransoms and were more likely to pay up, with one-quarter of attacks targeting ransomware organisations receiving a demand of $1 million or higher.

In addition, while 88% of organisations reported having cyber insurance, almost 40% didn’t receive as much coverage as expected, and in some cases didn’t receive any because of exceptions from the insurer.

Among the top five challenges involved in stopping ransomware, four were people or process related, while the second-largest challenge was a lack of clarity on how to secure against the threat.

In light of the growing ransomware threat, 91% of organisations expect to increase their security budgets in the next year, with organisations most concerned with adopting security solutions for IoT, as well as secure access service edge solutions, cloud workload protections, next-generation firewalls, endpoint detection and response, zero trust network access and security email gateways.

Top anticipated future priorities include investing in AI and machine learning-powered security technologies, the survey found.

Image credit: iStock.com/Boonrit Panyaphinitnugoon