Think your business is ready for ransomware? Think again
Although business leaders think they're fully prepared to deal with ransomware, actual outcomes suggest otherwise, according to a new report.
Druva has commissioned IDC to conduct independent research into ransomware preparedness, challenges, and threats to find out how approaches to ransomware are changing and whether common recovery efforts are effective.
While 85 percent of organizations claim to have a cyber-recovery playbook for intrusion detection, prevention, and response, 46 percent have been successfully attacked by ransomware in the past three years.
Although 92 percent say their data resiliency tools are 'efficient' or 'highly efficient,' 67 percent of those hit by ransomware were forced to pay the ransom, and nearly 50 percent experienced data loss.
Similarly 93 percent claim to have either fully automated or partially automated recovery tools to find the correct recovery point, yet the inability to determine the correct recovery point is cited as the number one reason for data loss, with corrupted backups at number two.
When asked about their attitude to data resilience, 77 percent say that it's a top three priority, while 19 percent say it's a priority but outside their top three. Only three percent say it's not a priority.
In terms of modernizing their data resilience systems, the top desire for change is fully automated and non-disruptive infrastructure updates. This is followed by a need for greater automation and recovery orchestration from ransomware.
The report's authors conclude, "Organizational leaders think they are ready for a ransomware attack, but the research from this study illustrates that most are not. Too many organizations were forced to pay the ransom, lost data, or took excessively long to recover. Unfortunately, no one knows what they don't know until it's too late. Attacks come in unexpected ways, and cybercriminals have extensive experience in finding vulnerabilities. IT and business leaders need to make a frank, honest assessment regarding their data resilience and cyber-recovery capabilities."
You can read more on the Druva site and there's an infographic summary of the findings below.