SpyCloud has unveiled the “2024 Malware and Ransomware Defense Report.” The document depicts how security leaders and practitioners understand and plan for the threat of malware and ransomware at their organizations. According to Spycloud, the report examines the top concerns and real-life impacts of ransomware, including popular entry points, ransom payments, and the cumulative costs of these attacks to the business.
Survey Methodology
To obtain the data for the report, SpyCloud, which specializes in cybercrime analytics, surveyed 510 individuals in active cybersecurity roles. Survey respondents were from U.S. and U.K. companies with at least 500 employees.
Read More: New Study: Email Threats Targeting Critical Infrastructure Rise
Key Takeaways
- 75% of organizations have been affected by ransomware more than once in the past 12 months
- Security executives are nearly twice as confident as their security practitioner counterparts in their organization’s ability to prevent a full-blown ransomware attack
- 54% of devices infected with infostealer malware had an antivirus or endpoint detection and response (EDR) solution installed
- Over 60% of organizations paid a ransom over the last 12 months, but only one-third fully recovered their data
On Record
In a recent quote, Damon Fleury, Chief Product Officer, SpyCloud, said, “With ransomware operators increasingly exploiting infostealer-exfiltrated data like session cookies, it’s become clear that traditional defenses are no longer enough. In today’s ransomware-fueled climate, organizations need to shift to an identity-centric approach for malware remediation and ransomware prevention. This means extending protection beyond just devices and directly addressing exposed digital identities. To disrupt the evolving tactics of ransomware attacks before they escalate, step one is knowing the data criminals have already stolen. Step two is quickly remediating compromised credentials and terminating stolen web sessions – including SSO, VPN, and SaaS application access.”
