4 in 5 firms feel prepped vs attacks, but half were still hit

The global threat of ransomware remains at peak levels, with half of organisations across all sizes, regions and industries falling victim in the last year, findings from Fortinet’s 2023 Global Ransomware Report show.

The study involved a survey of 569 cybersecurity leaders from 31 different locations around the world, including the United States, United Kingdom, France, India, and Japan, among others. Survey respondents came from a range of industries, such as manufacturing (29%), technology (19%), transportation (12%) and healthcare (11%).

The study found that the top challenges to stopping a ransomware attack were people and process related, with many organisations lacking clarity on how to secure against the threat.

There are a range of technologies viewed as essential to prevent ransomware, with an overwhelming majority prioritising an integrated approach to security.

Despite the global macroeconomic environment, security budgets will increase in the next year with a focus on AI/ML technologies to speed detection, centralised monitoring tools to speed response, and better preparation of people and processes.

Fortinet’s research revealed there was a large disconnect between respondents’ level of preparedness with existing strategies and their ability to stop a ransomware attack. 

Although 78% of organisations stated they were “very” or “extremely” prepared to mitigate an attack, the survey found 50% fell victim to ransomware in the last year, and almost half were targeted two or more times. 

Four out of the five top challenges to stopping ransomware were people or process related. The second-largest challenge was a lack of clarity on how to secure against the threat as a result of a lack of user awareness and training, and no clear chain-of-command strategy to deal with attacks.

The survey also found that despite most (72%) detecting an incident within hours, and sometimes minutes, the percentage of organizations paying ransoms remains high, with almost three-quarters of respondents making some form of ransom payment. 

When comparing across industries, organisations in the manufacturing sector received higher ransoms and were more likely to pay the fee. Specifically, one quarter of attacks among manufacturing organisations received a ransom of $1 million or higher. 

Finally, while almost all organisations (88%) reported having cyber insurance, almost 40% didn’t receive as much coverage as expected and, in some cases, didn’t receive any because of an exception from the insurer.

In addition, the report found that organisations using point products were the most likely to fall victim to an attack in the last year, while those who had consolidated to a smaller number of platforms were the least likely to be a victim. 

Further, almost all respondents (99%) viewed integrated solutions or a platform as essential to preventing ransomware attacks. These findings underscore the importance of leveraging a unified platform approach to defend against ransomware.