A vast majority of organizations have faced unprecedented cybersecurity risk in 2020 with the growing attack volume, especially ransomware.
The pandemic-driven digital transformation of businesses along with a general deficiency in cyber preparedness and training made the situation more critical. A recent research study by Mimecast survey reveals that nearly 61% of enterprises were impacted by ransomware in 2020.
The study titled “The State of Email Security” is based on a global survey of 1,225 information technology as well as cybersecurity leaders. As high as 79% of the respondents said their companies had experienced major business disruption, financial loss, or other setbacks last year due to the lack of cyber preparedness.
The professionals identified ransomware as the major reason behind the disruptions. Some of the principal highlights from the study are –
- Most organizations indicated they had been impacted by ransomware throughout 2020 – which is a 20% increase over the number of firms reporting such disruption in 2020’s statistics.
- Organizations affected by ransomware lost almost six working days (on average) to system downtime. Another 37% reported that system downtime lasted for one week or more.
- Nearly 52% of ransomware victims had to pay threat actor’s ransom demands, however, only 66% of them were able to recover their data and information. The remaining 34% of companies never saw their data – despite paying the high ransom.
- Even 47% of surveyed respondents noted seeing an increase in email spoofing activity like never before.
- About 71% of the IT noted that they are concerned about the potential risks posed by archived conversations from the business collaboration tools.
While ransomware was a major setback for organizations in 2020, but it was not the only one. The report also revealed additional threat trends like a sharp year-over-year increase in threat volume of almost 64%. In fact, there has been an increase in e-mail usage in 8 out of 10 businesses.
These statistics can be attributed to the global pandemic – simply because work-from-home models across organizations increased email and collaboration tool usage. Certainly, the threat actors sought to capitalize on the innovative digital office with massive waves of COVID-19-related social engineering cyber attacks.
Despite facing an increased threat volume, the study found that many organizations are not doing well in the area of cyber threat prevention. In addition to the 79% of respondents who mentioned a lack of cyber preparedness, another notable finding is several companies (nearly 40%) fall short in at least one critical area of email security systems.
Clearly, such factors are leaving employees open to different cyber threats including malware, phishing, business email compromise (BEC), and other serious cyber attacks. And sadly only one in five respondents reported that they have active cybersecurity awareness training in place.