Quick Hits

One-Third of Organizations Have Been Hit by Ransomware

Companies further along in digital transformation less likely to be ransomware victims, research from IDC also finds.

More than a third of organizations worldwide have experienced a ransomware attack or breach in the last year, according to new research from International Data Corporation (IDC). Those that were hit once by ransomware were often the victim in multiple ransomware events. Those that are further along in digital transformation efforts are less likely to experience a ransomware attack.

"Ransomware has become the enemy of the day; the threat that was first feared on Pennsylvania Avenue and subsequently detested on Wall Street is now the topic of conversation on Main Street," says Frank Dickson, program vice president, Cybersecurity Products at IDC.

Key findings from the survey include the following:

  • The incident rate was notably lower for companies based in the United States (7%) compared with the worldwide rate (37%).
  • The manufacturing and finance industries reported the highest ransomware incident rates, while the transportation, communication, and utilities/media industries reported the lowest rates.
  • Only 13% of organizations reported experiencing a ransomware attack and did not pay a ransom.
  • While the average ransom payment was almost a quarter of a million dollars, a few large ransom payments (more than $1 million) skewed the average.

IDC says in a release on the findings that analysis of the survey results also reveals that organizations that are further along in their digital transformation efforts were less likely to have experienced a ransomware event.

The full report can be found here.