PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
March 2017, Vol. 19, No. 2

Ransomware costs not limited to ransoms, research shows

Ransomware costs are hard to quantify. Many companies that have been targeted and have paid the ransom avoid law enforcement and public disclosure. But financial consequences involve more than just ransoms, according to new data from the Ponemon Institute. The independent study, sponsored by Carbonite, surveyed 618 individuals in small to medium-sized companies. Researchers found that 51% of the organizations surveyed had experienced ransomware attacks. These companies reported four ransomware attacks on average and -- among those that paid -- an average payment of $2,500 per attack. Close to half of the companies paid (48%) and slightly more did not (52%). Respondents whose organizations opted not to pay ransoms cited several reasons: full backup of systems and data (42%), company policy not to pay ransoms (16%) and fear ransom would not result in a decryption key (15%). But even among companies that opted out of ransoms, there was financial fallout. Other ransomware costs included investment in security technology (33%), money...

Features in this issue

Columns in this issue

Enterprise Desktop
Cloud Computing