
Enterprise Strategy Group Research Finds Businesses Have Mission-critical Gaps in the Fight Against Ransomware

New Market Maturity Model Helps Identify Best Practices for Better Preparedness

ESG today announced new research into ransomware preparedness revealing alarming facts about the frequency and pervasiveness of successful ransomware attacks.

NEWTON, MASS. JUNE 15, 2022 – Enterprise Strategy Group (ESG), a leading IT analyst, research, and strategy firm, and a division of TechTarget, Inc., today announced new research into ransomware preparedness. The study reveals alarming facts about the frequency and pervasiveness of successful ransomware attacks, and what the best prepared organizations are doing about this looming threat. Ransomware is a subset of malware that locks victimized organizations’ data and systems, typically via encryption, and demands payment to decrypt or return access. According to the ESG research, 79% of organizations have experienced at least one attempted ransomware attack within the last year, with 56% of organizations that were victimized by a successful ransomware attack actually paying a ransom to regain access to their systems or data.

The new report, The Long Road Ahead to Ransomware Preparedness, summarizes a survey of 620 IT and cybersecurity professionals responsible for protecting against ransomware. Although one might expect that organizations protect all of their mission-critical applications and data, the study shows that only 14% of organizations protect more than 90% of their mission-critical applications. Look no further for disruption opportunities. This is just one of several indicators of how immature, and unprepared, the market is overall.

“An important line of defense in the ransomware era is what I call ‘protecting the protector,’” said ESG Practice Director Christophe Bertrand. “That means ensuring backup data isn’t vulnerable to corruption. Air-gapping is an important consideration here, which means using technologies like data vaults or tape that can easily put data offline from the main network and outside world. It’s unfortunate that only 30% of organizations have deployed this type of solution today.”

Additionally, less than half (41%) of organizations test the ability to restore data from their data protection solutions weekly or more frequently, which is too low to sustain the current influx of attacks and their consequences. Ransomware data restoration is not as straightforward as a “normal” recovery, and it may be hard to plan for all possible scenarios given the many types of attacks. Making matters more precarious, 87% of organizations are concerned that their data backup copies themselves could become infected or corrupted by ransomware attacks.

As part of this research, ESG created a segmentation model in order to connect the dots between those organizations that feel most prepared and the specific strategies they use to get there. This model placed survey respondents into different stages of maturity based on how they answered questions across the categories of ransomware readiness, prevention, response, recovery, and business continuity, and then looked at how these different cohorts reported various ransomware-related outcomes. According to this segmentation model:

  • 68% of organizations scoring into the group on the cutting edge of ransomware preparedness have been able to recover more than 75% of their data after paying a ransom in a ransomware attack, while only 29% of businesses with the least mature ransomware processes and technologies can say the same. So, although paying the ransom doesn’t guarantee data recovery, more ransomware-prepared organizations fare better when it comes to getting more of their data back.
  • In terms of ransomware readiness, the most-prepared organizations were nearly five times likelier (47% versus 10%) than the least-prepared to report complete confidence in their preparedness to combat a ransomware attack.

“Ransomware is its own economy, comprising the cryptocurrency payments that criminals extort, the ransomware software traded on the dark web, the defense technology sold by vendors, and even the cyber insurance policies organizations take out to protect themselves,” said ESG Principal Analyst Dave Gruber. “Any IT organization that thinks they can confront this massive issue with standard security practices of the past could find themselves sorely mistaken and, perhaps, the subject of future news headlines.”

For more information on this new research, please visit ESG’s website.

You can see more of Christophe’s work on ESG’s website or learn more from Dave Gruber on ESG’s website.

About ESG
Enterprise Strategy Group (ESG) is an integrated technology analysis, research, and strategy firm providing market intelligence, actionable insight, and go-to-market content services to the global technology community. It is increasingly recognized as one of the world’s leading analyst firms in helping technology vendors make strategic decisions across their go-to-market programs through factual, peer-based research. ESG is a division of TechTarget, Inc. (Nasdaq: TTGT), the global leader in purchase intent-driven marketing and sales services focused on delivering business impact for enterprise technology companies.
