Disparity in ransomware costs perception - study

There is a growing disparity between the perceived and actual cost of recovering from a ransomware attack, according to analysis carried out by cloud security provider, Menlo Security.

Menlo’s research also suggests a disconnect between IT and insurance, as 24% of security professionals don’t know the value of their insurance policy, or indeed if they even have one.

And as the debate over whether to pay ransomware demands rages, two-thirds of security decision makers responding to Menlo’s study said they would pay.

The research, conducted among 500+ IT security decision makers at US and UK organisations with more than 1,000 employees, shows that the average estimated cost is £289,000 with insurance payouts extending up to an average of £458,000.

“Security professionals are coming under increasing pressure as organisations face an unprecedented number of highly sophisticated threats like ransomware,” said Mark Guntrip, senior director of cyber security strategy at Menlo Security. “On the frontline of cyber defense, they are often coping with huge amounts of stress, worrying about what employees are doing, their team and whether they are getting the right support internally, so it’s no surprise they are prioritising the business over job security. Indeed, the burnout and high churn rate of CISOs is widely reported.”

    Share Story:


Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.

Political risk: A fresh perspective
CIR’s editor, Deborah Ritchie speaks with head of PCS at Verisk, Tom Johansmeyer about the confluence of political, nat cat and pandemic risks in a world that is becoming an increasingly risky place in which to do business. Published February 2022.