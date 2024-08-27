New Research Finds Ransomware Remains a Mission Critical Issue as 61% of Companies Deal with at Least 24 Hours of Downtime Following an Attack

The research found that ransomware is an all-too-common occurrence: 83% of organizations have experienced at least one ransomware attack in the last year, 46% of respondents experienced four or more and 14% indicated they experienced 10 or more. Of those respondents who experienced at least one ransomware attack in the last year, 61% said it resulted in downtime of at least 24 hours.

Enterprises Can’t Rely on the Integrated Security of ERP Solutions

Of those organizations that experienced ransomware attacks, 89% said their Enterprise Resource Planning (ERP) applications and systems were affected by the attack at least once. The majority of respondents realize this is a business-critical issue with 93% of respondents agreeing it’s necessary to have a dedicated ERP security solution.

Growing Concern Amid AI-Enabled Threats and Impact of ERP Disruptions

According to Gartner®, AI-enhanced malicious attacks was the top most commonly cited concern in the first quarter of 2024 based on the research firm’s emerging risk rankings.*

“While the volume of these attacks isn’t surprising, the increasing impact to ERP applications is notable and it will only get worse amidst AI-enabled threats,” said Mariano Nunez, CEO of Onapsis. “This is a reflection of ransomware actors realizing that disrupting ERP and business-critical applications gives them the most leverage, as downtime is measured in millions of dollars per hour at large organizations. The research is also very clear in that generic security solutions on the market are falling short. Enterprises need a purpose-built, comprehensive solution that protects their mission-critical ERP platforms from this increasing threat.”

A View into how Companies are Handling Ransomware

When asked if they communicated with the threat actor executing the ransomware attack, the majority (69%) said yes. As for whether organizations are paying the ransom, respondents were split with 34% paying every time, 21% paying only some of the time and 45% never paying. Many organizations are turning to outside support to help manage ransomware with 83% of respondents who paid the ransom at least once, saying they have worked with a ransomware broker.

Ransomware has become so prevalent and problematic, 96% of organizations realized they’ve needed to make changes to their security strategy. When asked how ransomware has influenced their cybersecurity investment:

57% invested in new solutions

54% invested in employee training

53% added more cybersecurity staff internally

36% hired an outside threat research team

Methodology

The survey was conducted among 500 Cybersecurity DMs, Manager and above from organisations with 500+ employees across UK and DACH. The interviews were conducted online by Sapio Research in June and July 2024 using an email invitation and an online survey. Results of any sample are subject to sampling variation. The magnitude of the variation is measurable and is affected by the number of interviews and the level of the percentages expressing the results. In this particular study, the chances are 95 in 100 that a survey result does not vary, plus or minus, by more than 4.4 percentage points from the result that would be obtained if interviews had been conducted with all persons in the universe represented by the sample. Sample was selected from Online partner panels.

