Latest News

Majority Organisations View Ransomware as a Top-three Threat to the Viability of the Business

Zerto, a Hewlett Packard Enterprise company, today announced the results of a major new study, confirming that ransomware continues to pose a serious threat and is viewed today as one of the top concerns for viability within organisations. Companies are becoming increasingly aware of the damage caused by these attacks and understanding the dire reality of the potential compromise. The research indicates that nearly two-thirds (65%) of respondents consider ransomware to be one of the top three most serious threats to the viability of the organisation.

The study was conducted by Enterprise Strategy Group (ESG) and co-sponsored by Zerto. Its findings, published in a new e-book titled “2023 Ransomware Preparedness: Lighting the Way to Readiness and Mitigation,” show that organisations can lose vital minutes to hours of time in recovery, resulting in significant and unacceptable consequences for large-scale operations. Combined with evolving techniques and targets designed to motivate payment from victim organisations, this data highlights the crucial need to reengineer recovery processes for ransomware attacks.

In addition, nearly 60% of respondent organisations report an impact to regulated data, such as personally identifiable information, in successful ransomware attacks. The study also indicates that configuration data faces an increasingly significant risk of compromise, with more than half of respondents indicating this data class was affected by a successful ransomware attack. This shows that attackers understand affecting infrastructure of a company at the core is an effective way to halt production in its tracks. As a result, IT professionals preparing to mitigate ransomware attacks must consider both business-related and infrastructure data equally in their efforts.

As the time and cost of securing data through the entirety of the data backup process continue to rise, new methods of protection arise to ensure the maximum security of backed up data. Air gapping has become a viable solution for these environments, with more than three-quarters of organisations using, testing, or expressing interest in this solution. By leveraging backups stored in volumes inaccessible by default and only accessible during protected backup sessions, cyber attackers are prevented from displacing or destroying backup data.

Despite the importance of this solution, the response breakdown shows only slightly more than one in four (27%) organisations have deployed it at this point, while 18% are in the process of testing and deploying an air-gapped solution. This confirms that while it is seen as a viable strategy, there is still much work to be done in the market overall to ensure that the vast majority have it in place.

“Given the high frequency of ransomware attacks and the impacts of successful ones such as data and infrastructure loss, many organisations are left with damages that have an effect well beyond IT,” commented Christophe Bertrand, practice director at ESG. “Attackers often go beyond valuable data assets by undermining key infrastructure components and exposing significant gaps, including those in the backup infrastructure itself. IT leaders must understand that the nature of the threat goes well beyond just data and focus on protecting and further leveraging their backup and recovery infrastructure to de-risk and minimise business impact through advanced capabilities.”

“In an environment in which business leaders identify ransomware to be one of the most serious threats to the survival of an organisation, it’s imperative that they can achieve the fastest time to protect, detect, and recover from ransomware. That’s the direction we are driving innovation for our customers,” said Caroline Seymour, VP of product marketing at Zerto. “Our real-time encryption detection and air-gapped recovery vault deliver a secure and highly advanced solution that allows IT leaders to protect against threats that go beyond just data. It gives them peace of mind so they can focus on early detection of an attack and an iron-clad recovery infrastructure to de-risk and minimise business impact through advanced capabilities.”

To download the full research e-book, please click here.

Survey methodology

ESG surveyed 600 qualified respondents in North America and Western Europe between May 2023 and June 2023.