We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!


A new study from ExtraHop shows a major discrepancy between perception versus reality — 77% of IT decision-makers (ITDMs) said they were very or completely confident in their company’s ability to prevent or mitigate cybersecurity threats, yet 64% admit that their own cybersecurity incidents are the result of their own outdated IT security plans.

When the pandemic hit and organizations switched to a work from home (WFH) model, many also took the opportunity to modernize their IT infrastructures, finally decommissioning old on-premises applications and replacing them with new SaaS applications or other solutions. Unfortunately, they didn’t modernize their protocol use — leading to some misplaced confidence. Sixty-nine percent are transmitting sensitive data over unencrypted HTTP connections instead of more secure HTTPS connections. Another 68% are still running SMBv1, the protocol that WannaCry and NotPetya ransomware variants use to infect corporate networks. 

The frequency of ransomware attacks over the past few years has only made this discrepancy worse. Eighty-five percent of companies are, on average, experiencing at least one ransomware attack per year, and 74% have experienced multiple attacks.

Pie graph. 15% of companies experienced no ransomware attacks. 55% experienced 1-5 attacks. 30% experienced 6 or more.

Another surprising takeaway: most companies admitted to paying the ransom when hit. Seventy-two percent of respondents admitted to paying a ransom, while 42% of companies that suffered a ransomware attack said they paid the ransom demanded most or all of the time.

Event

Transform 2022

Join us at the leading event on applied AI for enterprise business and technology decision makers in-person July 19 and virtually from July 20-28.

Register Here

Despite this being discouraged by the FBI, many organizations choose to make the payment to minimize the cost, which includes business downtime and end-user downtime. 

The survey of 500 security and IT decision-makers in the U.S., U.K., France, and Germany was conducted by Wakefield Research and sponsored by ExtraHop. Survey participants came from a wide range of industries, including financial services, healthcare, manufacturing and retail, and worked at companies of varying sizes, including companies with annual revenue exceeding $50 million.

Read the full report by ExtraHop.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.

Author
Topics