Backups Become the Focus as Three-Fourths of Organizations Experienced Ransomware Attacks

Stu Sjouwerman | Mar 16, 2022

ransomware attacksNew data puts the spotlight on how most organizations unable to completely recover their data after a ransomware attack, making the case for better data protection for improved incident response.

It appears that organizations simply aren’t prepared in the face of a ransomware attack, according to backup vendor Veeam’s just-released 2022 Data Protection Trends Report. Most organizations have a less-than-perfect ability to recover from major business disruptions. According to the report, ransomware specifically is a huge problem for organizations today:

  • 76% of organizations experienced a ransomware attack in the last 12 months
  • 60% of orgs experienced two or more attacks in the same timeframe
  • At best, only 80% of the data was recoverable – and only 19% of orgs were able to accomplish this
  • The average organization is only able to recover about 64% of their data

This says a lot about how your organization should be approaching its response to ransomware – and even about its preventative measures to stop attacks before they have an impact. With most organizations unable to fully recover, and a majority of you suffering an attack, there are a few things you need to get right now:

  • Think Disaster Recovery, not Backups – have an ability to fully recover some or all of your environment in the wake of a ransomware attack. That means you’ve got a full disaster recovery plan in place, complete with a recovery team, simulation testing, a communication plan, etc.
  • Improve security at your weakest point - Veeam’s report also notes that, of those organizations who experienced a ransomware attack, 42% of the attacks started with a user who clicked on a malicious link. That means, despite all the security solutions you have in place, malicious emails are still getting through. So, it’s up to the user receiving the email to stop the attack by recognizing the phishing email for what it is and choosing not to engage with it. This is what Security Awareness Training teaches users; to stay vigilant, to play a role in organizational cybersecurity, and to stay clear of suspicious or malicious content in emails or on the web.

Topics: Ransomware

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.