Cybersecurity Survey Reveals that Organizations Previously Hit by Ransomware Are Forever Changed

A new global survey titled “Cybersecurity: The Human Challenge” (reference) essentially found that organizations are never the same after they’ve experienced a ransomware attack. In line with these findings, the survey also found that how IT managers anticipate and handle future cyberattacks also changed significantly based on whether the organization had previously experienced a ransomware attack. It makes sense if you think about it. Once an organization lives through the reality of a ransomware attack, they are better prepared to take proactive prevention steps and viscerally aware of the implications of a successful attack on an organization. 

The global survey was produced by Sophos, a leader in next-generation cybersecurity. The survey included 5,000 interviews with IT decision-makers across 36 countries. The organizations analyzed all had between 100 and 5,000 employees total.

Robust statistics from the organizations surveyed backed up the broader findings–that an organization’s reaction to a ransomware attack is heavily predicated on whether they’ve been previously attacked–.

Here are some key findings:

• IT managers at organizations hit by ransomware are almost 3x as likely to feel “significantly behind” when understanding cyber threats than their peers in organizations unaffected. A percentage of 17% versus 6%. 
• 35% of ransomware victims reported that recruiting and retaining skilled IT security professionals was their single most significant challenge when considering cybersecurity. Among unaffected organizations, only 19% of respondents said the same issues.
• Survey findings showed that previous ransomware victims spent more time on the response (27%) and less time on threat prevention (42.6%) than those who had not been ransomware victims.

In general, organizations that had not previously experienced a ransomware attack tended to divert resources towards handling incidents as they were occurring (or after they had occurred) rather than dedicating resources towards stopping attacks before they happen more proactively. The study concludes that IT managers’ confidence and their approach to fighting ransomware attacks vary greatly depending on whether they have previously experienced a cyber attack versus those who have not.

The tactics, techniques, and procedures of ransomware attackers continue to evolve at unprecedented rates. Security teams, like us at PK Tech, work regularly and diligently to stay at the top of our game and up-to-date on the latest attempts by cyber attackers so that we are adequately prepared to react on behalf of our clients. If your organization does not yet have a cyberattack prevention plan in place, now is the time to employ such a plan. Work closely with your IT security team and openly discuss what immediate steps will be taken if a ransomware attack is employed within your organization. What do you (the organization) need to do, versus what will they (the IT security team) handle? Open communication, preventative plans, and rapid reaction time will often be the critical factors in how successful a ransomware attack is within your organization.

Searching for a new IT security team or have general questions about how to prepare your organization? We’d love to chat with you. Contact PK Tech here.