Sponsored by CBI and Check Point • Independently conducted by Ponemon Institute
Ransomware is everywhere
Most companies surveyed have experienced a ransomware attack in the recent past. Over half paid the ransom, citing reasons such as avoiding downtime, avoiding data leakage, or the existence of a cyber insurance policy.
of organizations surveyed have experienced a ransomware attack.
were attacked in the past 12 months.
of companies who experienced a ransomware attack paid the ransom.
of companies lack confidence that their current security controls will protect them from ransomware.
of respondents say having full and accurate backups are not enough.
The average amount companies spend annually to prevent and combat ransomware attacks.
Companies lack confidence in their security controls
Although companies spend millions every year to fight ransomware, few believe their current security controls are enough to protect their organization.
Phishing remains a top attack vector
Despite security awareness training programs, survey respondents lack confidence that employees can detect phishing. Only half of companies’ training programs fully address phishing.
of ransomware attacks were unleashed via phishing.
of respondents are confident in their employees’ ability to detect social engineering lures.
lack confidence in their ability to respond to a ransomware attack.
need the engagement of third parties to reduce the risk of ransomware.
need third party expertise to remediate ransomware attacks.
Companies lack in-house expertise to handle a ransomware attack
Most companies surveyed need the help of third parties to mitigate ransomware risk and to remediate incidents.
Download the full report
For full details about the impact of ransomware on organizations, including organizational readiness, supply chain risks, extortion tactics, payments, and much more, download the full report using the form below.