Delinea has published its 2022 State of Ransomware Report which finds that successful cyber attacks using ransomware as a tactic declined significantly during 2022 compared to the previous year, and fewer companies are paying ransoms. Still, there are red flags in the annual report related to spending, planning, and using cyber security tools available to combat ransomware.
The survey of 300 US-based IT decision makers, conducted on Delinea’s behalf by Censuswide, found that only 25 percent of organizations were victims of ransomware attacks over the past 12 months, a 61 percent decline from the previous 12-month period when 64 percent of organizations reported being victims. Furthermore, the number of compromised companies who paid the ransom declined from 82 percent to 68 percent.
Along with these positive results, the survey also raised concerns that a potentially reduced threat could lead to complacency. Budget allocations for ransomware are in decline, as only 68 percent of those surveyed said they are currently allocated budget to protect against ransomware versus 93 percent during the prior year. The number of companies with incident response plans also declined from 94 percent to 71 percent, and only half are taking proactive, proven steps to prevent ransomware attacks such as enforcing password best practices (51 percent) and using multi-factor authentication (50 percent).
The survey also revealed that the consequences of ransomware attacks are now more tangible, as more respondents specified that their companies lost revenue (56 percent) and customers (50 percent) compared to the previous year. Fewer organizations (43 percent) reported reputational damage as a result of being victims of a ransomware attack.