Nearly two out of three companies recently surveyed admit to being ransomware attack victims in the last 12 months.

That’s according to ThycoticCentrify‘s new report, “2021 State of Ransomware Survey & Report: Preventing and Mitigating the Skyrocketing Costs and Impacts of Ransomware Attacks.” It’s based on survey responses from 300 U.S.-based IT business decision makers.

The report further reveals that more than four out of five respondents who were ransomware attack victims felt they had no choice but to pay ransom demands to restore their data.

ThycoticCentrify’s Joseph Carson

Joseph Carson is ThycoticCentrify‘s chief security scientist and advisory CISO.

“We were surprised that so many organizations are paying the ransom,” he said. “This means that most organizations’ backup and recovery plan does not provide protection against ransomware.”

Other Findings

Other report highlights include:

“We found that both budgets are increasing and so is the priority of incident response,” Carson said. “However, organizations must be proactive against ransomware rather than increasing budget only after becoming a victim.”

It’s more important than ever for businesses to prioritize creating an incident response plan to avoid being added to the growing list that have paid the ransom demand, according to ThycoticCentrify.

Moreover, while increasing cybersecurity budgets for network and cloud security solutions, organizations must also understand and prioritize the requirements for preventing exploit escalation with privileged access management (PAM) security that enforces least privileged access.

And finally, preventing ransomware attacks by practicing basic cybersecurity hygiene is essential. That includes regular backups, timely patching, multifactor authentication (MFA) and password protection. PAM policies that make least privileged access a priority enable security teams to identify the attack entry point, understand what happened, help remediate and ultimately protect restored data.

“I believe many excellent resources are available that provide clear direction and best practices on how to reduce the risks and become more resilient to ransomware attacks,” Carson said. “This includes the recommendations within this report. However, organizations must act now and not wait until after an incident occurs.”