Read the results from an independent survey of 2,700 IT decision makers as we examine endpoint security. Get an in-depth look at the state of ransomware and other exploits, including costs, industries most affected, and what's on the horizon to stop attacks.
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
The State of Endpoint Security Today
1. The State of Endpoint Security
Today
January 2018
2. About This Survey
2
• An independent survey of 2,700 IT decision makers
• Commissioned by Sophos
• Conducted by Vanson Bourne, a UK-based research house
• Interviews conducted in October and November 2017
3. Demographics
3
2,700 IT decision makers split in the following ways...
Respondent country Organization size Organization sector
13501350
100-1,000 employees 1,001-5,000 employees
461
389
338
298
293
276
203
142
82
72
66
80
IT, technology and telecoms
Retail, distribution and transport
Manufacturing and production
Financial services
Business and professional services
Public sector
Energy, oil/gas and utilities
Construction and property
Media, leisure and entertainment
Healthcare products and technologies
Private education
Other commercial sector
500
300
300
300
300
200
200
200
200
200
US
UK
France
Germany
India
Canada
Mexico
Australia
Japan
South Africa
5. Executive Summary
5
Attacks
Target
Cost
Protections Geography
54% of organizations
were hit. Average two
hits per organization
Median impact per
organization ≈ US$133K
(£100K)
Healthcare was the top
target followed by Energy,
Professional Services, Retail
India was the most-target
country, followed by
Mexico, U.S., Canada
77% running up-to-date
antivirus when hit.
54% do not have
anti-ransomware tech
6. We Live in the Shadow of Ransomware
Sophos global research - research results 6
54%
31%
14%
1%
Yes
No, but we expect to in the future
No and we do not expect to
Don't know
Has your organization been hit by ransomware?
54%
Organizations were hit by
ransomware in the last year
85%
Organizations have either been hit
or expect to be hit by ransomware
7. Unlike Lightning, Ransomware Does Strike Twice
Sophos global research - research results 7
Average number of times organizations
were hit by ransomware in the last year
2
• On average, affected organizations were hit by
ransomware twice in the last year
• Multiple adversaries targeting each
organization
• Attackers are no longer removing previous
victims from their target lists
8. There are No Safe Havens from Ransomware
67%
65%
60%
59%
54%
51%
48%
48%
45%
41%
India
Mexico
US
Canada
South Africa
Germany
France
Australia
UK
Japan
Hit by ransomware, by country
• Every country has suffered significant levels of
ransomware attacks
• The top targets for ransomware are India, Mexico,
U.S., Canada
• North America and India are attractive targets
due to high levels of GDP, English speakers, and
internet users
• Japanese organizations are least likely to be hit by
ransomware (41%)
• Language challenges and uniqueness make
Japan a less attractive target
9. Healthcare is the #1 Victim of Ransomware
9
54%
76%
65%
59%
58%
55%
54%
51%
49%
48%
48%
47%
45%
Total
Healthcare products and technologies
Energy, oil/gas and utilities
Business and professional services
Retail, distribution and transport
IT, technology and telecoms
Public sector
Manufacturing and production
Construction and property
Media, leisure and entertainment
Other commercial sector
Private education
Financial services
Yes, we have been hit by ransomware in the last 12 months
Hit by ransomware, by sector
• Healthcare is the industry most likely to fall victim to a
ransomware with (76%) hit in the last year
• Financial services are least likely to have suffered a
breach – but still over 4 in 10 have fallen victim
• While both sectors holding high value data, reasons for
this difference include:
• Healthcare targeted more than financial services
• Weaker IT infrastructure perceived as a soft
target
• Perception that victims are more likely to pay
• Healthcare has weaker IT defenses
• Aging infrastructure creates security holes
• Restricted resources impacts use of security
technologies
10. Traditional Endpoint Protection Alone is Not Enough
10
77%
Organizations hit by ransomware were running
up-to-date endpoint security at the time of attack
Endpoint protection status Total
Running up-to-date endpoint
protection
77%
Not running up-to-date endpoint
protection
21%
Don’t know 1%
Base 1468
11. 54% of Organizations Remain at High Risk of Ransomware
46%
45%
7%
1%
1%
0% 10% 20% 30% 40% 50%
Anti-ransomware technology is
important on the endpoint and we
already have it
Anti-ransomware technology is
important on the endpoint and we
plan to implement it
Anti-ransomware technology is
important on the endpoint but we
don’t have plans to implement it
Anti-ransomware technology is not
important on the endpoint
Don’t know
• Almost everyone agrees that having anti-
ransomware technology on the endpoint is
important (98%)
• Despite that, 54% of organizations do not
have anti-ransomware technology in place,
putting them at greater risk of infection
12. Level of Investment in Protection Varies by Sector
12
• Energy, oil/gas, and utilities and healthcare are the sectors that have invested most significantly in anti-
ransomware technology
• High value targets for criminals
• Bespoke, very expensive equipment running on old technology (MRI scanners, drills)
• Media, public sector and private education are least likely to have invested in anti-ransomware
technology. Possible reasons include:
• Budget constraints – particularly public sector
• Lack of awareness of need
• Limited IT resources
Average
Business
and Pro
Services
Construction
/ property
Energy, oil /
gas, utilities
Financial
services
Health
IT, tech,
telecoms
Manu-
facturing
Media,
leisure,
entertain
Public
sector
Private
education
Retail,
distribution
transport
Other
Anti-ransomware
technology is important
on the endpoint and we
already have it
46% 47% 46% 53% 52% 53% 44% 46% 38% 39% 35% 46% 51%
Anti-ransomware
technology is important
on the endpoint and we
plan to implement it
45% 42% 46% 42% 41% 42% 47% 46% 51% 50% 45% 43% 36%
13. The Healthcare Conundrum:
Biggest Victims, Largest Investors in Prevention
13
• Despite healthcare having the highest propensity to suffer an attack (76%), it is also the sector with the
highest level of anti-ransomware protection in place (53%)
• Reasons behind this apparent contradiction include:
• Cybercriminals perceive healthcare as a soft target, and so disproportionately target this sector
• Healthcare organizations often use old technology with weaker defenses, like MRI scanners that
only run on old operating systems
• Restricted IT resources – people, hardware, software – result in patchy security, so even when one
part of healthcare organization has protection, there are still other ways for threats to get in
• Not all anti-ransomware protection is the same. They may have anti-ransomware technology but it
may not be enough to stop the threats
• Healthcare organizations are learning from experience and have chosen to invest in anti-
ransomware technology as a result of earlier breaches
14. Ransomware Comes with a BIG Bill
14
Estimated total cost of ransomware attack
(converted from local currency)
• Almost evenly split
• 51% of businesses reporting cost < US$133,000
• 49% of businesses reporting cost > US$133,000
• The most common cost is between US$13,000 and
US$70,000
• Nearly half (46%) incurred costs between US$13,000 and
US$133,000
US$133,000
Median cost of a ransomware attack, including
downtime, work hours, device cost, network cost, lost
opportunities, and ransom payment
3%
5%
10%
15%
16%
21%
25%
5%
Between US$6.6 million and US$13.3
million
Between US$1.3 million and US$6.6 million
Between US$663,000 and US$1.3 million
Between US$332,000 and US$663,000
Between US$133,000 and US$332,000
Between US$70,000 and US$133,000
Between US$13,000 and US$70,000
Less than US$13,000
15. Ransomware Costs the U.S. More than the GDP of Jamaica
15
• Number of 100+ user organizations in USA: 129K (source: US census)
• Percentage hit by ransomware in the last year: 60% (source: U.S. respondents to this survey)
• Average number of ransomware attacks in last year: 2 (source: U.S. respondents to this survey)
• Median cost to rectify a ransomware attack: US$120K (source: U.S. respondents to this survey)
Cost of ransomware
to U.S. businesses
US$18.6 Billion
(in 100+ user organizations)
GDP of Jamaica
US$14 Billion
(World Bank)
16. The Sophos Perspective
16
• Inadequate protection: Despite a series of high-profile ransomware attacks in 2017, organizations are starting
2018 with inadequate protection against ransomware
• Antivirus is not anti-ransomware: Not all anti-ransomware technology is the same. Organizations should make
sure they have protection with dedicated anti-ransomware capabilities, rather than generic threat prevention,
in order to be effectively protected against the #1 malware threat
• 3rd party testing of unknown ransomware: To make it easier for organizations to make informed decisions on
their anti-ransomware protection, Sophos calls for more independent testing of the efficacy of products in
stopping previously unseen ransomware
• Upgrade your technology: With a further ransomware surge predicted for 2018* fueled by Ransomware-as-a-
Service (RaaS) and amplified by the resurgence of worms, Sophos strongly advises organizations to put in place
dedicated anti-ransomware protection with urgency
*Sophos Malware Forecast 2018
17. Sophos Recommendations
17
• You are a target – be prepared
o Small, medium, and large companies have all been hit
• Get educated
o Train your employees via attack simulations. They can be your weakest link or strongest advocate
o Investigate advanced technologies. Traditional antivirus and endpoint security will only block known
ransomware. You need true anti-ransomware to block zero-day attacks
• Upgrade your technology
o There have been a lot of advancements in the last couple of years to prevent ransomware via anti-ransomware,
anti-exploit, anti-hacker, etc.
• Invest now
o The cost of the technology is a fraction of the cost of the impact of an attack. You are saving your company a ton
of money
19. Executive Summary
19
Attacks Understanding
Geography
54% of organizations
don’t have anti-exploit
protection in place
2/3 of IT managers don’t
understand what anti-
exploit technology is
U.S. has greatest
understanding of anti-
exploit technology
20. 54% of Organizations Remain Highly Vulnerable to Exploits
Sophos global research - research results 20
46%
46%
6%
1%
1%
Anti-exploit technology is important on
the endpoint and we already have it
Anti-exploit technology is important on
the endpoint and we plan to
implement it
Anti-exploit technology is important on
the endpoint but we don’t have plans
to implement it
Anti-exploit technology is not
important on the endpoint
Don’t know
• Exploits are the techniques hackers use to
take advantage of vulnerabilities in legitimate
software
• Almost all respondents (98%) agree that
having anti-exploit technology on the
endpoint is important
• Despite this, over half don’t have it in place,
leaving them vulnerable to attack
21. Misunderstanding Abounds Regarding Anti-exploit
Technology
Sophos global research - research results 21
32%
31%
28%
7%
1%
Anti-malware scanner and removal tool
Software that prevents exploits that target browsers and applications
A security vulnerability scanner that looks for weaknesses
Penetration testing toolkits
Don't know
What is the best description for anti-exploit software
• Although 46% claim to have anti-exploit
technology, only 31% actually knew what it is
• This suggests that significant proportion have a
misplaced belief that they are protected from this
common attack technique, but are in fact at risk
69%
of respondents were unable to identify the
correct definition of anti-exploit technology
22. Understanding of Anti-exploit Software Varies by Country
Sophos global research - research results 22
• The U.S. topping the table with 39% defining it correctly compared to 22% in France
• Smaller organizations demonstrated a better understanding than larger ones:
• 34% in the 100-1,000 user band defined it correctly
• 29% in the 1,001-5,000 user band defined it correctly
Correctly defined anti-exploit software
UK France Germany U.S. Canada Mexico India Australia Japan
South
Africa
35% 22% 32% 39% 26% 35% 28% 34% 26% 30%
23. Sophos Recommendations
23
• Take action NOW
o Given the widespread use of exploits in today’s attacks and the significant lack of around anti-exploit
technology, urgent action is needed to understand how to stop these threats
• Education, education, education
o If you don’t understand exploits, it’s time to learn. If you think you understand exploits, it’s worth refreshing
your knowledge to make sure aware of the latest approaches
• Upgrade your technology
o To protect against exploit techniques used in malware attacks make sure you have the security solutions in place
to stop them
25. Executive Summary
25
Attacks
Future
Implementation
Protections Geography
87% agree: Threats
have become more
complex
60% plan to add machine
learning in the next year
India is the most optimistic
about machine and deep
learning
Canada, India, Mexico have
highest level of machine
learning technology
60% say current cyber
defenses are not enough
26. You Are Not Alone: It’s Getting Harder for Everyone
26
83%87%
Stopping malware threats has
become harder over the last year
Malware threats have become
increasingly complex over the last year
27. All Countries are Suffering – Japan Most of All
27
• While these views are widely held in all
geographies surveyed, IT managers in Japan
are feeling the greatest challenge.
• Conversely, French IT managers are least
challenged, although nearly /23(74%) still
agree it’s got harder to stop malware.
Agree that stopping
threats has got harder
over the last year
Agree that malware
threats have got more
complex over the last year
UK 85% 89%
France 74% 79%
Germany 77% 87%
U.S. 88% 90%
Canada 76% 82%
Mexico 81% 86%
India 89% 88%
Australia 85% 84%
Japan 92% 97%
South Africa 85% 89%
28. 6 in 10 Agree: Standard Defenses are not Enough
28
60%
My organization’s current defenses are not
totally sufficient to block the cyber threats I’ve
seen in the past year
29. 60% Plan to Implement Machine Learning in the Next Year
29
25%
34% 34% 34%
31%
24%
21% 20% 18%
15%
10%
60%
54%
63%
48%
61%
65%
59%
72%
68%
61%
42%
Total Canada India South Africa US France Australia Mexico Germany UK Japan
We already have it We plan to implement within next 12 months
• 25% already have predictive threat prevention technologies, such as machine or deep learning
• 60% plan to implement within the next year
• Canada, India and South Africa lead with 1/3 (34%) of respondents already using these technologies
• Mexico has the most extensive future plans, with 72% planning to implement predictive threat prevention
technologies
• Japan is most cautious, with just 10% using them and 42% planning to implement these technologies
• Average timescales to implement is six months
30. People are Confused Between Machine and Deep Learning
30
44%
43%
11%
2%
Yes, I have full understanding
Yes, I have some understanding
No, not sure on the difference
No, I do not know either term
56%
of respondents admit they do not have a full
understanding of the difference between
machine learning and deep learning
31. #1 Desired Benefit from Machine Learning: Improved Threat Detection
31
86%
79%
70%
33%
31%
0%
Better detection
Better prevention
Faster performance
Fewer false positives
Smaller footprint (e.g. hardware takes up less space)
There are no benefits
The most important benefits organizations want
from machine and deep learning
32. Machine Learning: An Additional, not Replacement Technology
35%
64%
1%
It will be a
complete
replacement
It will be an
additional
technology
Don’t know
45%
44%
42%
37%
36%
34%
29%
27%
26%
23%
55%
55%
58%
62%
61%
64%
69%
73%
73%
73%
India
South Africa
Canada
US
Australia
Germany
UK
Mexico
France
Japan
It will be a complete replacement It will be an additional technology
• 64%: additional technology
• 35%: complete replacement
• India has strongest expectation it will be a complete
replacement (45%)
• Conversely in Japan 23% see it as a complete replacement
33. Machine Learning: Yes, it will Live Up to the Hype
33
• 94% believe that machine learning will “live up to the hype”
• Over two in ten (21%) went so far as to state that it will solve all of their technology issues
• IT managers in India are most optimistic with a full 45% saying it will solve all our technology issues
• In contrast, just 9% of Japanese and 10% of German respondents shared this view
Average UK France Germany U.S. Canada Mexico India Australia Japan
South
Africa
ML will live up to
the hype
94% 90% 96% 94% 97% 97% 98% 99% 89% 79% 93%
ML will solve all our
technology issues
21% 13% 19% 10% 26% 20% 32% 45% 14% 9% 17%
34. The Sophos Perspective
34
• Becoming mainstream. Despite machine learning being a relatively new technology, the vast
majority of organizations plan to have it in place within the next 12 months
• Additional, not replacement. Sophos agrees with the majority of survey respondents – it’s an
additional layer of security and not a total replacement for all endpoint defenses
• 3rd party testing needed. With the majority of organizations openly admitting they don’t have a
full understanding of machine and deep learning, the security industry should take the lead in
enabling organizations to make informed decisions on machine and deep learning:
• Independent, public testing of security products
• Education on the technologies used and the differences between them
35. Sophos Recommendations
35
• Get educated
o Not all technology is the same. Investigate machine and deep learning, understand the differences between the
options and what that means for you.
• Upgrade your technology – now
o Cybercriminals are already using machine learning in their attacks. Ensure your defenses can match them.
37. Key Takeaways from the Survey
37
• IT security remains highly challenging for organizations across the globe.
• There’s a growing gap between the knowledge and skills of the attackers (ransomware, exploits) and that of the IT
professionals charged with stopping them. This can be addressed by education.
• Traditional security solutions are no longer enough to keep organizations ahead of today’s complex threats.
• Organizations are aware that they need advanced security technologies, including machine and deep learning, to
stop threats. However lack of understanding of the technologies makes it hard for organizations to evaluate them
and put the right protection in place.
• Sophos calls on the security industry to make it easy for IT managers to understand and evaluate these technologies,
through increased open, independent testing, and education.
38. Further Reading from Sophos
38
• Exploits Intercepted – A very readable guide to what exploits are, how they work, and how to
stop them
• Exploits Explained – A deep dive into the actual exploits used by hackers today and the
protection capabilities that block them
• How to Stay Protected against Ransomware – How ransomware works and what steps you can
take to protect against it
• SophosLabs Deep Learning Page – A range of resources and educational pieces on machine and
deep learning
• Sophos Intercept X Deep Learning Datasheet – A clear explanation of deep learning and why it
consistently outperforms other machine learning models
41. Ransomware Costs: UK
41
Estimated total cost of ransomware attack
• 67% incur costs between £10K and £250K
• Most common costs £10-£50K and £100-£250K
7%
24%
19%
24%
9%
9%
4%
4%
0%
Less than £10,000
Between £10,000 and £50,000
Between £50,000 and £100,000
Between £100,000 and £250,000
Between £250,000 and £500,000
Between £500,000 and £1 million
Between £1 million and £5 million
Between £5 million and £10 million
More than £10 million
42. Ransomware Costs: Germany
42
• 63% incur costs between €11,200 and €282K
• Most common costs €56K and €112K (28%)
• No one incurred costs in lowest bracket (below €11,200)
0%
19%
28%
16%
20%
9%
5%
3%
0%
Less than 11,200 €
Between 11,200 € and 56,000 €
Between 56,000 € and 112,000 €
Between 112,000 € and 282,000 €
Between 282,000 € and 563,000 €
Between 563,000 € and 1.2 million €
Between 1.2 million € and 5.6 million €
Between 5.6 million € and 11.2 million €
More than 11.2 million €
Estimated total cost of ransomware attack
Conversion rate - £1 = 1.12 €
43. Ransomware Costs: France
43
• France has a broader spread of costs than average
• 55% incur costs between €11,200 and €282K
• Most common costs €112K and €282K (21%)
8%
15%
19%
21%
18%
9%
8%
1%
0%
Less than 11,200 €
Between 11,200 € and 56,000 €
Between 56,000 € and 112,000 €
Between 112,000 € and 282,000 €
Between 282,000 € and 563,000 €
Between 563,000 € and 1.2 million €
Between 1.2 million € and 5.6 million €
Between 5.6 million € and 11.2 million €
More than 11.2 million €
Estimated total cost of ransomware attack
Conversion rate - £1 = 1.12 €
44. Ransomware Costs: U.S.
44
• U.S. has a broader spread of costs than average
• 57% incur costs between US$13K and US$332K
• Most common costs US$70K and US$133K (23%)
2%
17%
23%
17%
20%
12%
5%
3%
0%
Less than US$13,000
Between US$13,000 and US$70,000
Between US$70,000 and US$133,000
Between US$133,000 and US$332,000
Between US$332,000 and US$663,000
Between US$663,000 and US$1.3 million
Between US$1.3 million and US$6.6 million
Between US$6.6 million and US$13.3 million
More than US$13.3 million
Estimated total cost of ransomware attack
Conversion rate - £1 = US$1.33
45. Ransomware Costs: Canada
45
• Wide range of costs incurred compared with other countries
• 55% incur costs between CA$16K and CA$414K
• Most common costs CA$16K and CA83K (22%)
Estimated total cost of ransomware attack
Conversion rate - £1 = CA$1.66
3%
22%
18%
21%
14%
7%
10%
4%
0%
Less than CA$16,000
Between CA$16,000 and CA$83,000
Between CA$83,000 and CA$166,000
Between CA$166,000 and CA$414,000
Between CA$414,000 and CA$829,000
Between CA$829,000 and CA$1.7 million
Between CA$1.7 million and CA$8.3 million
Between CA$8.3 million and CA$16.6 million
More than CA$16.6 million
46. Ransomware Costs: Mexico
46
• Very clear dominance of cost band 240K MXN and 1.2m MXN (45%)
• 75% (three quarters) incur costs between 240K MXN and 6m MXN
Estimated total cost of ransomware attack
Conversion rate - £1 = 24.24 MXN
13%
45%
18%
13%
2%
5%
2%
2%
0%
Less than 240,000 MXN
Between 240,000 MXN and 1.2 million MXN
Between 1.2 million MXN and 2.4 million MXN
Between 2.4 million MXN and 6 million MXN
Between 6 million MXN and 12 million MXN
Between 12 million MXN and 24 million MXN
Between 24 million MXN and 121 million MXN
Between 121 million MXN and 242 million MXN
More than 242 million MXN
47. Ransomware Costs: Australia
47
• Most common costs AU$17K and AU$85K (31%)
• 64% incur costs between AU$17K and AU$425K
Estimated total cost of ransomware attack
Conversion rate - £1 = AU$1.7
2%
31%
19%
14%
17%
8%
4%
2%
0%
Less than AU$17,000
Between AU$17,000 and AU$85,000
Between AU$85,000 and AU$170,000
Between AU$170,000 and AU$425,000
Between AU$425,000 and AU$850,000
Between AU$850,000 and AU$1.7 million
Between AU$1.7 million and AU$8.5 million
Between AU$8.5 million and AU$17 million
More than AU$17 million
48. Ransomware Costs: Japan
48
• Very clear dominance of cost band ¥1.5 m and ¥7.5 m (41%)
• 78% (over three quarters) incur costs between ¥1.5m and ¥37.5m
• This is the highest percentage in this cost band of all countries
surveyed
Conversion rate - £1 = AU$1.7
Estimated total cost of ransomware attack
Conversion rate - £1 = ¥149.80
0%
41%
27%
10%
13%
4%
1%
0%
0%
Less than ¥1.5 million
Between ¥1.5 million and ¥7.5 million
Between ¥7.5 million and ¥15 million
Between ¥15 million and ¥37.5 million
Between ¥37.5 million and ¥74.9 million
Between ¥74.9 million and ¥150 million
Between ¥150 million and ¥749 million
Between ¥749 million and ¥1.5 billion
More than ¥1.5 billion
49. Ransomware Costs: India
49
• Most common costs between ₹870K and ₹4.3M
• 59% incur costs between ₹870K and ₹21.7M
Estimated total cost of ransomware attack
Conversion rate - £1 = ₹ 86.85
5%
25%
21%
13%
13%
8%
7%
6%
0%
Less than 870,000 INR
Between 870,000 INR and 4.3 million INR
Between 4.3 million INR and 8.7 million INR
Between 8.7 million INR and 21.7 million INR
Between 21.7 million INR and 43.4 million INR
Between 43.4 million INR and 86.8 million INR
Between 86.8 million INR and 434 million INR
Between 434 million INR and 870 million INR
More than 870 million INR
50. Ransomware Costs: South Africa
50
• Most common costs 180,000 ZAR and 900,000 ZAR (26%
• Just under ¼ (23%) incur costs between 9 million and 18 million ZAR
Estimated total cost of ransomware attack
Conversion rate - £1 = 18.11 ZAR
8%
26%
13%
12%
12%
23%
1%
2%
0%
Less than 180,000 ZAR
Between 180,000 and 900,000 ZAR
Between 900,000 ZAR and 1.8 million ZAR
Between 1.8 million ZAR and 4.5 million ZAR
Between 4.5 million ZAR and 9 million ZAR
Between 9 million ZAR and 18 million ZAR
Between 18 million ZAR and 91 million ZAR
Between 91 million ZAR and 181 million ZAR
More than 181 million ZAR
51. 51
Unmatched next-gen endpoint protection.
Introducing incredible upgrades to Sophos Intercept X
Get a free trial of Intercept X to test in your own network and see why
Gartner has named Sophos as a leader in the Magic Quadrant for Endpoint
Protection Platforms.
Start Free Trial
www.hummingbirdnetworks.com
Editor's Notes
In the last year, has your organisation been hit by ransomware?
Asked to all respondents (2,700)
In the last year, has your organization been hit by ransomware?
Asked to all respondents (2,700)
In the last year, has your organisation been hit by ransomware?
Asked to all respondents (2,700)
In the last year, has your organisation been hit by ransomware?
Asked to all respondents (2,700)
Was your organisation running up-to-date endpoint protection when you were last impacted by a ransomware attack?
Asked to all respondents whose organisation has been hit by ransomware in the last year (1468)
“How important is incorporating specific anti-ransomware technology into your organisation’s endpoint protection?”, asked to all respondents (2,700)
How important is incorporating specific anti-ransomware technology into your organization’s endpoint protection?
Asked to all respondents (2,700)
“What was the approximate cost to your organization to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organization has been hit by ransomware in the last year (1,468)
Number of 100+ user organizations in USA: 129K (source: US census)
60% hit by ransomware in the last year (source: U.S. respondents to this survey)
Average number of attacks: 2 (source: U.S. respondents to this survey)
Median cost to rectify a ransomware attack: US$120K (source: U.S. respondents to this survey)
129,000 x 0.6 x 2 x US$120,000 = US$18,576,000,000
GDP of Jamaica = US$14,027,000,000 (source: World Bank)
GDP data: World Bank https://en.wikipedia.org/wiki/List_of_countries_by_GDP_(nominal)
US organization datahttps://www.census.gov/epcd/susb/2008/us/US--.HTML
How important is incorporating anti-exploit technology into your organisation’s endpoint protection?”, asked to all respondents (2,700)
“In your opinion, which of the following terms best describes ‘anti-exploit’ software?”, asked to all respondents (2,700)
“In your opinion, which of the following terms best describes ‘anti-exploit’ software?”, asked to all respondents (2,700)
Stopping malware threats has become harder over the last year
Malware threats have become increasingly complex over the last year
asked to all respondents (2,700)
Stopping malware threats has become harder over the last year
Malware threats have become increasingly complex over the last year
asked to all respondents (2,700)
My organization’s current defenses are not totally sufficient to block the cyber threats I have seen in the past year
asked to all respondents (2,700)
What are your organization’s plans to incorporate predictive threat prevention technologies (provided through technologies like machine and deep learning) to stay ahead of complex malware attacks? asked to all respondents (2,700)
Do you understand the difference between machine learning and deep learning?”, asked to all respondents (2,700)
Figure 33: “What are the most important benefits your organisation is looking for when it comes to predictive threat prevention technologies provided through machine and deep learning?”, asked to respondents whose organisation is using or planning to use prevention technologies, showing a combination of responses ranked first, second, or third (2,349)
Q1. Does your organization see machine and deep learning as an additional detection technology for your endpoints or as a complete replacement for antivirus?”, asked to respondents whose organisation is using or planning to use prevention technologies (2,349)
Q2. Does your organization see machine and deep learning as an additional detection technology for your endpoints or as a complete replacement for antivirus?”, split by country, excluding those who said “Don’t know”, asked to respondents whose organisation is using or planning to use prevention technologies (2,349)
Figure 33: “What are the most important benefits your organisation is looking for when it comes to predictive threat prevention technologies provided through machine and deep learning?”, asked to respondents whose organisation is using or planning to use prevention technologies, showing a combination of responses ranked first, second, or third (2,349)
“What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
“What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
“What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
“What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
“What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
“What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
“What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
“What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
“What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
“What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)