Delinea, a provider of Privileged Access Management (PAM) solutions for seamless security, published its 2022 State of Ransomware Report which finds that things may be looking up in the fight against ransomware. Cyber-attacks using the popular compromising tactic have declined significantly over the past 12 months compared to the previous year, and fewer companies are paying ransoms. Still, there are red flags in the annual report related to spending, planning, and using cybersecurity tools available to combat ransomware.
Only 25% of organisations reported being victims of ransomware attacks over the past 12 months, a startling 61% decrease from the previous 12-month period when 64% of organisations reported being victims, according to a survey of 300 US-based IT decision makers conducted on behalf of Delinea by Censuswide. Additionally, the percentage of harmed businesses that paid the ransom decreased from 82% to 68%, which would indicate that warnings and suggestions to not pay the ransom are being taken seriously. As 56% of businesses with 100 or more employees reported being the target of ransomware attacks, larger businesses are significantly more likely to fall victim to this type of attack.
Along with these positive results, the survey also raised concerns that a potentially reduced threat could lead to complacency. Budget allocations for ransomware are in decline, as only 68% of those surveyed said they are currently allocated a budget to protect against ransomware versus 93% during the prior year. The number of companies with Incident Response Plans also declined from 94% to 71%, and only half are taking proactive, proven steps to prevent ransomware attacks such as enforcing password best practices (51%) and using Multi-Factor Authentication (50%).
Art Gilliland, CEO of Delinea said “The reduction of ransomware attacks is an encouraging sign, but organisations need to make sure they keep their guard up against this constant, evolving threat.”
He added “Staying vigilant by maintaining a strong least privilege approach backed by stronger password protection, authentication enforcement, and access controls can help continue this downward trend.”
The survey also showed that, compared to the previous year, more respondents indicated that their companies had lost clients (50%) and income (56%) as a result of ransomware assaults. Less businesses (43%) experienced reputational harm as a result of being ransomware attack victims.
Mohammad Ismail, Regional Director – Middle East, Delinea said “In today’s globalised economy, cybersecurity trends are largely mirrored across international markets. So, while our study focused on US organisations, the ransomware insights it presents can certainly inform businesses in the UAE as well,”
He added “The results indicate significant, positive shifts in how we have come to view the ransomware landscape in recent years. Together with an overview of the possible reasons behind these results, the 2022 State of Ransomware Report also highlights some potential pitfalls. It should therefore be taken into account at this critical period when Middle East businesses are setting out their cybersecurity budgets and strategies for the year ahead.”