An Mimecast survey found that organizations are confident in their ransomware preparedness despite consistently being the target of attacks.
Mimecast Research this week announced the publication of its new report, “State of Ransomware Readiness: Facing the Reality Gap.”
Over the past year there has been a dramatic rise in ransomware attacks, according to Mimecast. Moreover, large enterprises are bearing the brunt of the onslaught. They experienced an average of 10,000 attacks over the past two years.
The new research report is based on a global survey of 742 cybersecurity professionals.
Shift to remote work led to resource gaps
Cybersecurity leaders are facing challenges related to technology, people and processes, Mimecast says. The shift to remote work brought on by the COVID-19 pandemic has resulted in numerous new devices to protect,. This shift has left organizations more vulnerable to ransomware through unsecure networks.
Respondents cited phishing emails with ransomware attachments (54%), web security (47%), and phishing emails leading to a drive-by download (45%) as primary sources of ransomware attacks.
In addition, only 45% reported they have file backups that would allow them to avoid having to pay the ransom, or to mitigate damage from an attack. Fully 45% would like budget to fund more up-to-date data security systems.
The study also found that 46% of executives want more frequent security awareness training for end-users
Finally, 40% of respondents wanted greater sharing of threat data.
Organizations are more confident than they are prepared
Mimecast research shows that ransomware attacks are widespread and prevalent. Fully 80% of organizations have been targeted in the past two years. They experienced an average of 3,000 attacks during this time, or four per day. Yet, the survey found that 77% of executives are confident in their company’s preparedness for ransomware attacks.
This may be because 83% of executives believe they can get all their data back without paying the ransom. But this directly contradicts the fact that 39% of organizations paid the ransom.
In fact, companies that fell victim to a ransomware attack noted that they saw disruption to their operations (42%), faced significant downtime (36%), lost revenue (28%) and lost current customers (21%).