Fortinet Ransomware Report
Also at RSA, Fortinet unveiled its 2023 Global Ransomware Report. It’s based on a recent global survey conducted by Fortinet and explores cybersecurity leaders’ perspectives on ransomware, particularly how it impacted their organizations in the last year, and their strategies to mitigate an attack.
Key findings from the global survey include:
- The global threat of ransomware remains at peak levels, with half of organizations across all sizes, regions and industries falling victim in the last year.
- The top challenges to stopping a ransomware attack were people and process related, with many organizations lacking clarity on how to secure against the threat.
- A range of technologies is viewed as essential to prevent ransomware, with an overwhelming majority prioritizing an integrated approach to security.
- Despite the global macroeconomic environment, security budgets will increase in the next year with a focus on AI/ML technologies to speed detection, centralized monitoring tools to speed response, and better preparation of people and processes.
“Though three out of four organizations detected ransomware attacks early, half still fell victim to them,” said John Maddison, Fortinet’s executive vice president of products and CMO. “These results demonstrate the urgency to move beyond simple detection to real-time response. However, this is only part of the solution as organizations cited the top challenges in preventing attacks were related to their people and processes. A holistic approach to cybersecurity that goes beyond investing in essential technologies and prioritizes training is essential.”
Fortinet’s research revealed there was a large disconnect between respondents’ level of preparedness with existing strategies and their ability to stop a ransomware attack. Although 78% of organizations said they were “very” or “extremely” prepared to mitigate an attack, the survey found 50% fell victim to ransomware in the last year, and almost half were targeted two or more times.
In addition, despite most detecting an incident within hours, and sometimes minutes, the percentage of organizations paying ransoms remains high, with almost three-quarters of respondents making some form of ransom payment. When comparing across industries, organizations in the manufacturing sector received higher ransoms and were more likely to pay the fee. Specifically, one-quarter of attacks among manufacturing organizations received a ransom of $1 million or higher.
Finally, while almost all organizations reported having cyber insurance, almost 40% didn’t receive as much coverage as expected. And in some cases, they didn’t receive any because of an exception from the insurer.
In addition, the report found that organizations using point products were the most likely to fall victim to an attack in the last year, while those who had consolidated to a smaller number of platforms were the least likely to be a victim.