SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
50% of companies fell victim to ransomware in the last year
Thu, 27th Apr 2023

Global cybersecurity leader Fortinet has released its 2023 Global Ransomware Report.

Based on a recent global survey conducted by Fortinet, the report explores the perspectives of cybersecurity leaders on ransomware. It focuses in particular on how ransomware affected their organisations in the last year and on their strategies to mitigate an attack.

Ransomware remains a threat

The report contains multiple key findings, and they all point to the continued global threat of ransomware, which remains at peak levels.

According to the report, half of organisations across all sizes, regions and industries fell victim to a ransomware attack in the last year.

The challenges in preventing or stopping these attacks were people and process related. Organisations that responded believed they needed more clarity on how to secure their systems against the threat of attacks.

An overwhelming majority of respondents prioritised an integrated approach to their security as part of various technologies viewed as essential in preventing ransomware attacks.

Part of this prioritisation is budget, and despite the global macroeconomic environment, security budgets will increase in the next year. 

The report found that there is a focus on artificial intelligence (AI) / machine learning (ML) technologies to speed detection, centralised monitoring tools to speed response, and better preparation of people and processes.

Levels of preparedness

Fortinet’s research also highlighted the levels of disconnect between respondents’ preparedness and their ability to prevent attacks.

Despite 78% of organisations believing they were ‘very’ or ‘extremely’ prepared to mitigate an attack, 50% fell victim to ransomware in the last year, and almost half were targeted two or more times.

The preparedness often came down to mitigation, and four out of five top challenges to stopping ransomware attacks were people or process related.

A lack of clarity came in as the second most significant challenge in stopping ransomware attacks. Specifically, respondents were unclear on how to secure against the threat, owing to a lack of user awareness and training and no clear chain-of-command strategy to deal with attacks.

The survey also revealed that while 72% of respondents detected an incident within hours, and in some cases just minutes, the proportion of organisations paying ransoms remains high. Almost three-quarters of respondents made some sort of ransom payment to attackers.

As for specific industries, organisations in the manufacturing sector received high ransoms and were more likely to pay the fee, with one-quarter of attacks among manufacturing organisations having a ransom of USD $1 million or higher.

While 88% of organisations reported having cyber insurance, almost 40% didn’t obtain as much coverage as expected and, in other cases, didn’t receive any due to exceptions from the insurer.

A matter of budgets

As expected in this tumultuous economic environment, 91% of organisations are expected to see an increase in security budgets next year.

Breaking down the essential technologies to secure against ransomware, IoT security, SASE, cloud workload protection, next-generation firewall (NGFW), EDR, ZTNA, and secure email gateway were the most concerning areas for organisations.

An interesting statistic from the report shows that respondents citing ZTNA and secure email gateway increased by nearly 20% compared to 2021.

Email phishing remained the most common attack entry method for a second time and, in a positive sign, respondents have begun to view secure email gateway with higher importance, at 51%.

Other essential protections, however, such as sandboxing and network segmentation, remained low on the list, at 23% and 20%, respectively.

Protection through a platform approach

Another finding from the report was that organisations using point products were the most likely to fall victim to an attack in the last year. This is in contrast to those who had consolidated to a smaller number of platforms, who were the least likely.

This is important, considering 99% of respondents viewed integrated solutions or a platform as essential to preventing ransomware attacks.

“According to the Fortinet research released, though three out of four organisations detected ransomware attacks early, half still fell victim to them,” says John Maddison, Executive Vice President of Products and CMO, Fortinet.

“These results demonstrate the urgency to move beyond simple detection to real-time response. However, this is only part of the solution, as organisations cited that the top challenges in preventing attacks were related to their people and processes. A holistic approach to cybersecurity that goes beyond investing in essential technologies and prioritises training is essential.”