Virtualization Technology News and Information
Only Half of Ransomware Victims Who Pay Ransoms Recover Their Data, Finds '2018 Cyberthreat Defense Report'

CyberEdge Group, a premier research and marketing firm serving the security industry's top vendors, today announced immediate availability of its fifth annual Cyberthreat Defense Report. New this year, the report found that 55 percent of responding organizations were compromised by ransomware in 2017, down from 61 percent in 2016. However, respondents who were victimized by ransomware and who elected to pay the ransoms (customarily using Bitcoin) were asked if they successfully recovered their compromised data. Surprisingly, only half confirmed successful data recovery, while the other half acknowledged complete data loss.

With 1,200 IT security decision makers and practitioners participating from 17 countries, six continents, and 19 industries, CyberEdge's Cyberthreat Defense Report is the most comprehensive study of security professionals' perceptions in the industry. This study provides a 360-degree view of organizations' security threats, current defenses, and planned investments.

Key Findings

The 2018 Cyberthreat Defense Report yielded dozens of additional insights into the challenges faced by IT security professionals today. Key findings include:

  • Has the bleeding stopped? For the first time in five years, the percentage of organizations affected by a successful cyberattack decreased - from 79 percent in 2016 to 77 percent in 2017. Furthermore, the number of organizations victimized by six or more successful attacks fell from 33 percent in 2016 to 27 percent in 2017.
  • Security budgets set new record. The percentage of organizations with rising IT security budgets hit an all-time high - from 48 percent in 2014 to 79 percent in 2018. The average IT security budget is rising 4.7 percent in 2018, which now consumes 12 percent of the overall IT budget.
  • IT security skills deficit. For the first time in five years, lack of skilled personnel trumped low security awareness among employees as IT security's greatest inhibitor to success. In 2018, four in five organization are experiencing an IT security skills shortage.
  • Singing the cloud security blues. Nine in 10 organizations are experiencing cloud security challenges, with maintaining data privacy at the top of the list.
  • Containers-the new weakest link. Application containers (such as Docker, Cloud Foundry, and Kubernetes) edge mobile devices as IT security's new weakest link.
  • Hottest security technologies for 2018. The IT security technologies most planned for acquisition in 2018 include: advanced malware analysis/sandboxing (network security), containerization/micro-virtualization (endpoint and mobile security), and API gateway (application and data-centric security).

"Got a coin? Flip it to see if you'll get your data back after paying a ransom associated with ransomware. That's just plain scary," said Steve Piper, CEO of CyberEdge Group. "In 2017, 55 percent of our respondents' organizations were victimized by ransomware. Of those victims that refused to pay the ransom (61 percent), the vast majority (87 percent) recovered their data from backups. This just underscores how important it is to incorporate a sensible data backup strategy as part of an organization's cyberthreat defense strategy."

"The 2018 Cyberthreat Defense Report is the result of one of the few independent surveys of security practitioners. While many leading vendors provide their own research of the cybersecurity space, it is important to supplement their findings and conclusions with unbiased research and analysis such as the Cyberthreat Defense Report," said Richard Stiennon, chief research analyst at IT-Harvest. "The leveling off of the percent of respondents reporting breaches is a good sign, but at 77.2 percent, it is still very high and paints a picture of no end in sight for serious breaches in the coming years. I hope all security teams show this to their senior leadership."

About the Cyberthreat Defense Report

In November 2017, 1,200 IT security decision makers and practitioners completed a 27-question online survey. Each participant was employed by a commercial or government entity with a minimum of 500 employees. Participants stemmed from 19 industries and 17 countries across six geographic regions, as follows:

  • North America: United States and Canada
  • Europe: United Kingdom, Germany, France, Spain, and Italy
  • Asia Pacific: Australia, China, Singapore, and Japan
  • Middle East: Saudi Arabia and Turkey
  • Latin America: Brazil, Colombia, and Mexico
  • Africa: South Africa

Winner of a 2017 Platinum MarCom Award for research excellence, the Cyberthreat Defense Report is designed to complement Verizon's annual Data Breach Investigations Report, which evaluates the cyberthreat landscape and describes how threats are used to penetrate computer networks. This report assesses organizations' security posture, gauges perceptions about cyberthreats, and ascertains future plans for improving security and reducing risk. It provides deep insights into how IT security professionals perceive cyberthreats and what they're doing to defend against them.

The 2018 Cyberthreat Defense Report was sponsored by several leading information security vendors, including:

  • Platinum sponsors: Code42, Gigamon, Great Bay Software, Imperva, and Palo Alto Networks
  • Gold sponsors: Fidelis Cybersecurity, Micro Focus, Webroot
  • Silver sponsors: CloudPassage, Illusive Networks, Logsign

Report Available Now

The 2018 Cyberthreat Defense Report is available now through each of the above sponsors and by connecting to the CyberEdge Group website at

Published Thursday, March 08, 2018 8:16 AM by David Marshall
Filed under:
Only Half of Ransomware Victims Who Pay Ransoms Recover Their Data, Finds '2018 Cyberthreat Defense Report' - Brad Dickinson - (Author's Link) - March 8, 2018 12:42 PM
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<March 2018>