Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    [EYE OPENER] The Ransom Payment is Only 15% of The Total Cost of Ransomware Attacks

    [EYE OPENER] The Ransom Payment is Only 15% of The Total Cost of Ransomware AttacksAs the number of ransomware attacks has increased 24% over the previous year, security researchers estimate the total associated attack costs to be just over 7 times higher.

    Every time there’s a news story about a ransomware attack, there’s so much focus put on the ransom itself – this is probably due to the fact that the payment can be easily quantified; whether it be the amount asked for or the amount paid.

    We’re all aware of the practical costs a business has to absorb should it become a ransomware victim – but those costs are seldom (if ever) revealed, leaving us guessing as to how much a ransomware attack actually costs the victim organization.

    But new compiled and analyzed data from researchers at Check Point and Kovrr shows that the ransom amount is but a small portion of the total real cost of surviving a ransomware attack. When considering the losses in response and restoration costs, legal fees, monitoring and decreases in revenues, real-life cost data from actual organizations that were hit with ransomware paints the picture that ransomware is so very much more expensive than the ransom alone.

    According to Check Point, the average ransom payment is 48.6% of the initial ransom demand – which is an average of about 2.82% of the victim’s annual revenue. So you can do the math: the average ransom paid is about 1.37% of annual revenue. But the overall costs are much, much more.

    Take the following six example attacks (provided by Check Point) – note the “Extortion” values in comparison to the other costs:

    table2-ransomware

     

    According to Check Point, the average total cost of a ransomware attack is 7.083 times larger than the paid ransom. This means the average ransomware attack costs organizations an average of 9.7% of their annual revenues!!!

    Now you do the math – which is more expensive: dealing with the financial repercussions of a ransomware attack or putting up a layered defense strategy that includes protecting the most likely (and least protected) aspect of your environment: your users?

    Organizations that deploy new-school security awareness training as part of their security strategy significantly reduce their attack surface by nearly eliminating social engineering-based attacks as a possible initial ransomware attack vector. 

     

    Return To KnowBe4 Security Blog

    A Master Class on IT Security: Roger Grimes Teaches Ransomware Mitigation

    Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever

    RogerMasterClass-FeatureImage (1) (1)
    Join Roger Grimes, Data-Driven Defense Evangelist at KnowBe4,  for this thought-provoking webinar to learn what you can do to prevent, detect, and mitigate ransomware. You'll learn:

    • How to detect ransomware programs, even those that are highly stealthy 
    • Official recommendations from the Cybersecurity & Infrastructure Security Agency (CISA)
    • The policies, technical controls, and education you need to stop ransomware in its tracks
    • Why good backups (even offline backups) no longer save you from ransomware

    Watch Now

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://info.knowbe4.com/ransomware-master-class

    Topics: Ransomware

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews