The Long Road Ahead toRansomware Preparedness

Research Objectives

The ransomware threat is a top-of-mind issue for so many organizations; however, few feel totally prepared for an attack. Without an industry reference architecture or blueprint for ransomware protection, organizations are building their own strategies and processes to respond. But with ransomware protection included with so many different security and data protection solutions, many are confused about the scope of what is to be included, who is responsible for the implementation, and who needs to be involved in the conversation.

In order to connect the dots between those organizations that feel most prepared and the specific strategies and plans they are using to get there, with an eye on defining best practices, ESG surveyed 620 IT and cybersecurity professionals personally involved with the technology and processes associated with protecting against ransomware attacks at midmarket (100 to 999 employees) and enterprise (1,000 or more employees) organizations in North America (US and Canada) and Western Europe (UK, France, and Germany).

Ransomware Attacks Are Frequent and Having an Impact

Ransomware attacks make the news on a regular basis, so it should come as no surprise that respondents confirm the regular frequency with which they occur. Indeed, 79% of respondent organizations report having experienced a ransomware attack within the last year, and among that population, with nearly three[1]quarters report that they have been financially or operationally impacted by these attacks, making them “successful.” It should also be noted that 1 in 3 organizations report having been successfully hit more than once, making ransomware both a significant and recurring source of business disruption