ExtraHop® Finds 91% of Organizations Made Ransomware Payments Last Year

ExtraHop, a leader in cloud-native network detection and response (NDR), today released its third annual Global Cyber Confidence Index, which found organizations are generally ill-equipped to manage and mitigate their cyber risk following a significant increase in ransomware attacks and cybersecurity incident downtime.

Although an overwhelming majority (88%) of IT and cybersecurity decision makers said they are confident in their organizations' ability to manage cyber risk, most acknowledged that they are frequently the victim of ongoing threats, and falling behind when it comes to identifying and remediating threats.

Amid a recent onslaught of attacks against the world's most profitable industries and critical infrastructures, and regulatory bodies like the SEC tightening compliance rules, understanding an organization's ability to effectively manage cyber risk is more critical than ever before.

Key insights from the report include:

Cyberattackers are raking in ransomware payments

Nearly one in four (22%) respondents deemed ransomware the biggest risk to their organization - an unsurprising finding as about half say they are still running at least one insecure network protocol that threat actors are known to exploit in ransomware attacks. Highlighting this concern, 58% said they experienced six or more ransomware incidents in 2023 (up 32% year over year). On the heels of BlackCat's attack on Change Healthcare, healthcare was among the top industries impacted by ransomware, with organizations averaging nine incidents each last year.

Of those surveyed, almost all that experienced a ransomware attack paid up; in 2023, 91% paid the ransom, compared to 83% in 2023 and 72% in 2022. On average, the research found ransomware payments alone cost nearly $2.5 million per organization in the last year - before adding in the unrealized costs associated with remediation.

Downtime is draining organizations of their time and money

When discussing the impact cybersecurity pitfalls have on their businesses, respondents said they averaged 56 hours of downtime following a security incident last year. Downtime for industrial companies hit slightly higher at 58 hours, and, with recent research calculating the median cost of industrial downtime at nearly $125,000 per hour, these companies could lose upwards of $7.25 million per incident.

The largest organizations surveyed (5,000+ employees) experienced the most downtime at nearly 62 hours on average per incident. Globally, France led downtime at 68 hours, followed by the United States (63 hours) and Australia (62 hours).

Organizations are putting their faith in AI

Organizations are overwhelmed by a multitude of barriers holding them back from effectively managing cyber risk, citing immature risk management processes (21%), the inability to catch up in a fast-paced industry (18%), a lack of alignment between the cybersecurity organization and the business (16%), outdated technology (15%), insufficient personnel resources (14%), and insufficient budgets (13%).

In response to this widespread set of unique challenges, more than a third (38%) of respondents agree using AI and machine learning to help manage and mitigate cyber risk is a top priority for their organization this year.

"Cyber risks are inevitable and no single organization is immune to the threat bad actors pose to their business," said Raja Mukerji, co-founder and Chief Scientist, ExtraHop. "With ransomware and downtime on the rise and ripple effects being felt throughout entire organizations, leaders are recognizing an inherent need to prioritize cybersecurity, and, better yet, business resilience. With greater visibility into and awareness of the current threat landscape, they can better identify their weaknesses, shore up their defenses, and develop an action plan that keeps disruption to employees, customers, and other stakeholders to a minimum."

Download the 2024 Global Cyber Confidence Index.

*This survey was conducted by Censuswide.*

About ExtraHop^®

ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. The ExtraHop RevealX^TM network detection and response (NDR) platform uniquely delivers the unparalleled visibility and decryption capabilities that organizations need to investigate smarter, stop threats faster, and move at the speed of risk. Learn more at www.extrahop.com.

© 2024 ExtraHop Networks, Inc., RevealX, RevealX 360, RevealX Enterprise, and ExtraHop are registered trademarks or trademarks of ExtraHop Networks, Inc.