As ransomware turns into extra pervasive, new knowledge offers perception into how nicely organizations are responding and the assault vector getting used most.
We hear quite a bit about ransomware assaults, however I’m not seeing knowledge about how nicely organizations fared, so I used to be glad to see GetApp’s 2024 Knowledge Safety report.
In keeping with the report, practically half of U.S. corporations (44%) skilled a ransomware assault within the final 12 months – that is lower than the worldwide common of 52% of organizations, indicating that U.S. corporations are doing a greater job at stopping assaults at their preliminary assault vector.
However what pursuits me extra is what occurred. In keeping with the report, of these attacked:
- 43% of organizations resorted to paying a ransom
- 36% had been in a position to get better from the assault and decrypt the information with out paying
- 36% of ransomware victims misplaced knowledge within the assault that was by no means recovered
The report goes on to notice that throughout the 36% who misplaced knowledge, 2 of the 36% had been organizations that had no backups. As a result of GetApp is conscious of backups, I’m considering the 36% that did “get better” from the assault did so by way of backups.
So solely a 3rd had been in a position to get better their knowledge with out having to really feel extra monetary and operational impacts. That’s not totally good, as all of us want to see that proportion be MUCH larger.
I do wish to be aware that the report speaks about ransomware in the identical breath as phishing assaults, mentioning that 87% of organizations have obtained a phishing e-mail up to now 12 months.
What’s worrisome is that of these receiving a phishing e-mail, 74% of that group reported that they or another person within the enterprise had subsequently clicked on malicious hyperlinks throughout the e-mail.
Primarily based on the report knowledge and the way GetApp is tying these two points collectively so intently, it makes me imagine they’re seeing the connection we’ve lengthy recognized right here at KnowBe4 – that phishing stays some of the prevalent preliminary assault vectors for ransomware assaults.
It’s the rationale why organizations that make use of continuous new-school safety consciousness coaching see decrease engagement with phishing and different social engineering assaults, which reduces the probability of organizations experiencing any diploma of a ransomware assault.
KnowBe4 empowers your workforce to make smarter safety selections each day. Over 70,000 organizations worldwide belief the KnowBe4 platform to strengthen their safety tradition and cut back human danger.