Fortinet survey finds 78% of organizations felt prepared for ransomware attacks 

John Maddison, EVP Products and CMO at Fortinet.
2 years ago

Fortinet, the global cybersecurity leader driving the convergence of networking and security, unveiled its 2023 Global Ransomware Report. The report is based on a recent global survey conducted by Fortinet and explores cybersecurity leaders’ perspectives on ransomware, particularly how it impacted their organizations in the last year, and their strategies to mitigate an attack. Key findings from the global survey include:

  • The global threat of ransomware remains at peak levels, with half of organizations across all sizes, regions, and industries falling victim in the last year.
  • The top challenges to stopping a ransomware attack were people and process related, with many organizations lacking clarity on how to secure against the threat.
  • There is a range of technologies viewed as essential to prevent ransomware, with an overwhelming majority prioritizing an integrated approach to security.
  • Despite the global macroeconomic environment, security budgets will increase in the next year with a focus on Artificial Intelligence/Machine Learning technologies to speed detection, centralized monitoring tools to speed response, and better preparation of people and processes.

John Maddison, EVP Products and CMO at Fortinet, said, “According to the Fortinet research released, though three out of four organizations detected ransomware attacks early, half still fell victim to them. These results demonstrate the urgency to move beyond simple detection to real-time response. However, this is only part of the solution as organizations cited that the top challenges in preventing attacks were related to their people and processes. A holistic approach to cybersecurity that goes beyond investing in essential technologies and prioritizes training is essential.”

A growing disconnect between ransomware preparedness and prevention

Fortinet’s research revealed there was a large disconnect between respondents’ level of preparedness with existing strategies and their ability to stop a ransomware attack. Although 78% of organizations stated they were “very” or “extremely” prepared to mitigate an attack, the survey found 50% fell victim to ransomware in the last year, and almost half were targeted two or more times. Specifically, four out of the five top challenges to stopping ransomware were people or process related. The second largest challenge was a lack of clarity on how to secure against the threat as a result of a lack of user awareness and training, and no clear chain-of-command strategy to deal with attacks.

More organizations are paying the ransom, despite industry guidance

The survey also found that despite most (72%) detecting an incident within hours, and sometimes minutes, the percentage of organizations paying ransom remains high, with almost three-quarters of respondents making some form of ransom payment. When comparing across industries, organizations in the manufacturing sector received higher ransoms and were more likely to pay the fee. Specifically, one-quarter of attacks among manufacturing organizations received a ransom of $1M or higher. Finally, while almost all organizations (88%) reported having cyber insurance, almost 40% did not receive as much coverage as expected and, in some cases, didn’t receive any because of an exception from the insurer.

Security budgets will increase despite economic uncertainty

With concerns about ransomware still high and despite a challenging global economic environment, nearly all organizations (91%) expect increased security budgets in the next year. Based on the technologies viewed as most essential to secure against ransomware, organizations were most concerned with IoT Security, SASE, Cloud Workload Protection, NGFW, EDR, ZTNA, and Secure Email Gateway. Compared to 2021, the number of respondents citing ZTNA and Secure Email Gateway increased by nearly 20%. Given that email phishing remained the most common attack entry method for the second time, it was promising to see respondents view Secure Email Gateway (51%) with higher importance. However, other essential protections, such as Sandboxing (23%) and Network Segmentation (20%), remained low on the list.

In the future, the top priorities for respondents will be investing in advanced technology powered by Artificial Intelligence and Machine Learning to enable faster threat detection and central monitoring tools to speed response. These investments will help organizations combat a rapidly evolving threat landscape as cyber attackers become more aggressive and deploy new elements into attacks.

Enhancing ransomware protection through a platform approach

In addition, the report found that organizations using point products were the most likely to fall victim to an attack in the last year, while those who had consolidated to a smaller number of platforms were the least likely to be a victim. Further, almost all respondents (99%) viewed integrated solutions or a platform as essential to preventing ransomware attacks. These findings underscore the importance of leveraging a unified platform approach to defend against ransomware.

Fortinet supports organizations looking to improve their processes and advance cybersecurity skills by providing services such as Incident Readiness Assessments and Tabletop Exercises, Ransomware Readiness Assessments, SOC-as-a-Service, and SOC Readiness Assessments, as well as comprehensive training from one of the largest programs in the industry, the Fortinet Training Institute. With its industry-leading Security Fabric of over 50 natively integrated, enterprise-grade products, Fortinet continues to be the leading vendor helping organizations consolidate their point products into a unified cybersecurity platform. This platform approach, with open APIs and a robust Fabric-Ready technology alliance ecosystem, enables CISOs and security teams to reduce complexity, increase efficacy in the prevention and detection of ransomware, and speed incident triage, investigation, and response.
