2023 Ransomware 
Survey Results

554 IT Industry Professionals completed an Industry Survey on the impact of Ransomware in 2023. Here are the results.

Share / Embed This On Your Site

The Impact of Ransomware in 2023

We talk a lot about ransomware attacks within our own organizations—how to prepare for them, what to do when they happen, and the best way to stop the overall threat. While an ever-popular question is “should we pay the ransom?” (which most said they are unlikely to), there are so many other highly impactful aspects to ransomware preparedness and response. We surveyed more than 500 IT and security professionals to look at the impact of ransomware in 2021 and 2022 to begin to answer that question.

We Take Ransomware Seriously

In short: The vast majority of respondents appreciate the gravity of the ransomware threat, and know that it’s likely to stay the same, or increase, given that more than one-third of respondents have experienced a ransomware event.

Share / Embed This On Your Site

More, Or Less Risk In 2023?

More than 80% of respondents believe that their organization is at the same or higher risk of being a target for a ransomware attack in 2023, as compared with 2021 and 2022, it’s good to see that it is being taken seriously.

Share / Embed This On Your Site

A Real Threat?

More than 80% of respondents believe ransomware is a significant threat to their organizations

Share / Embed This On Your Site

"C-Suite" & Ransomware

And the majority consider executives at their organizations to be somewhat informed to well-informed of the threat it poses.

Share / Embed This On Your Site

Departmental Impact

Respondents identified operations (26%) and their organization’s reputation and customer trust (35%) as the top two areas that would be most negatively impacted by a ransomware attack. The exact cost of reputational damage can be hard to quantify, although BitDefender found that businesses can lose half their customer base after a data breach. And stalled operations will likely mean downtime, which can be extremely costly—in 2020, downtime cost American businesses $20.9 billion USD.

Share / Embed This On Your Site

Share / Embed This On Your Site

The Length of Disruption Varies.

Many expect getting back to business as normal would take hours (29% of respondents), 52% expect it to take days, while others think the length of time would be closer to weeks (14%) or months (3%). Longer disruptions will of course carry bigger costs, but even in the best-case scenario, the downtime and financial impact will be significant.

Good News

The good news is that most organizations are aware of the dangers now. Many respondents believe that those in their organization understand the threat or that communicating it is becoming easier.

Share / Embed This On Your Site

Understanding The Threat

Since almost everyone, especially corporate decision makers, now “get” ransomware, obtaining corporate approval to purchase solutions should not create the kind of challenges that spending on IT initiatives often involves.

Share / Embed This On Your Site

We Think We're Prepared ... 
But Are We?

Overall, the majority of respondents rated their company’s level of preparedness for a ransomware attack highly, giving it a score of at least a 7 out of 10.

Share / Embed This On Your Site

Share / Embed This On Your Site

Confidence Is High

In addition, nearly 80% of respondents scored their confidence that their data storage strategy is ransomware-proof at a 6 out of 10 or higher. While many respondents believe their backup strategy is moderately to highly ransomware-proof, those that do not should invest in creating a ransomware-resistant backup strategy that will be both reliable and usable in the event of an incident. It’s important to be able to rely on these backups to help reduce downtime and data loss, and get operations back to normal as quickly as possible.

Taking DR & IR Seriously

Further, a majority have disaster recovery (DR) or incident response (IR) plans in place.

Share / Embed This On Your Site

Dominate Ransomware!
Download The Free 313 Page Book:
Ransomware: Understand. Prevent. Recover

Get the Book 
in Your Inbox

Continued Preparation

And 60% say their organization dedicates sufficient resources to implementing security measures and educating those within their organization on them.

Share / Embed This On Your Site

Warning Signs

But a closer look also exposes areas of concern. Approximately 40% of those with DR and IR plans do not update them regularly, or the plans are undocumented. This could prove risky during an actual ransomware attack, in which there are many different groups from both inside and outside the organization involved, all of whom may have different priorities, needs, and understandings of “what needs to happen.” It’s great that so many respondents have a DR and IR plan, and working to keep them updated and documented as much as possible will further improve their utility if they’re needed. If you do not, consider implementing them, with plans for how and when they should be updated and appropriate documentation.

Share / Embed This On Your Site

Share / Embed This On Your Site

When The Worst Happens

In the case an attack does occur, only about 56% of respondents have an IR team on retainer (or the ability to respond themselves) and cyber insurance, potentially leaving the other 44% without key aspects of their response squared away ahead of time. Consider whether cyber insurance or outside help will benefit your organization should a ransomware attack occur. Explore whether it makes sense to get an IR team on retainer, outside legal counsel, negotiators—and in the event of an incident, listen to them!

Prep Takes Time

When asked how many hours per month are spent on ransomware preparedness, threat hunting, or incident response, 60% said between 0 and 4 hours. Here, there’s certainly an opportunity for companies to improve their level of preparedness against ransomware attacks. But that often requires buy-in at the highest levels of the organization to ensure resources like time, money, and personnel can be dedicated to the task. Where possible, look to increase the time your organization devotes to IR planning, threat hunting and ransomware preparedness. Consider working through tabletop exercises to walk through how key teams in the organization will work together during the ransomware attack and resulting response. This can involve your IT team, security team, and maybe senior leadership, PR, or HR teams within the organization—basically, anyone who will be involved in the real event should participate in this one.

Share / Embed This On Your Site

So What Do We Do About Ransomware?

While 13% of respondents believe nothing can be done to stop the scourge of ransomware, 45% of respondents believe that “better defenses” are the most effective step, followed by more public/private partnerships (20%) and cryptocurrency regulation (9%).

Share / Embed This On Your Site

What Next?

Ransomware is unlikely to go away, but implementing better defenses at our organizations can certainly help mitigate the threat. For additional ideas on how to augment defenses, check out “How to Prevent Ransomware”.

Share / Embed This On Your Site

Download The 
"Ransomware Survey" Infographic

Get the full ransomware survey in one infographic.

Share This Resource With Others

Embed The "Ransomware Survey" infographic on your site or blog using this code.

Share this Infographic On Your Site

Want More Like This?

Sign Up To Receive Our 
Monthly Ransomware Newsletter

© Future US LLC, Full 7th Floor, 130 West 42nd Street, New York, NY 10036
envelope linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram