In the event of being hit by a ransomware attack, over half of cybersecurity leaders would consider paying the ransom demand to cybercriminals to end the incident and restore systems faster, according to newly released figures.
Published on May 13, the report by Absolute Security suggested that 58% of CISOs would realistically think about paying the ransom, if that is what it took to help restore systems encrypted in a ransomware attack.
The research suggested that CISOs in the US are more likely to consider paying a ransom demand, at 63%, than their counterparts in the UK, at just 47%.
Absolute Security suggested that a combination of stronger legal guidance discouraging payment, GDPR complexities around data theft and extortion and lower confidence that payment will result in data recovery were all reasons for CISOs in the UK to be more reluctant to pay the ransom.
The Impact of Ransomware Attacks
If faced with a ransomware attack, the CISOs surveyed said that the operational downtime would have the most impact significant impact on their organization.
Other impacts organizations would be concerned about include data loss, reputation damage, financial loss and regulatory penalties.
“It is not surprising to learn that despite regulatory pressure, security and risk leaders remain open to paying a ransom to recover their systems and protect data when considering that prolonged downtime can lead to unsustainable losses,” said Christy Wyatt, president and CEO, Absolute Security.
Read more on ransomware: Why Ransomware Remains One of Cybersecurity’s Most Persistent and Costly Threats
According to the survey, 83% of CISOs reported that they were confident that their organization would be able to quickly recover from a ransomware attack. However, of those who had been hit by a ransomware attack, 57% said it took up to a week to restore systems, while a further 20% said it took up to two weeks. No CISOs said that their organization was able to recover within 24 hours.
This gap between confidence about recovering from a ransomware attack and the capability to do so is something the report described as “the defining ransomware challenge of this moment.”
Absolute Security concludes with a warning to organizations: that they must ensure they are committed to resilience and must build the infrastructure, governance and organizational conditions that allow them to absorb disruption and recover at speed.
“CISOs who build systems that can quickly restore continuity after disruptive attacks can avoid getting trapped in a cycle which will only grow alongside cybercriminals’ increasing use of AI-powered attacks,” said Wyatt.
The findings of The Ransomware Reality: Zero Days to Recover report are based on responses from 750 CISOs in organizations across the across the United States and United Kingdom. The survey was conducted by independent polling provider Censuswide.
