Is Ransomware an Inevitable Fate for Business?

If I was to ask you what you think a mid-sized company’s loss from a ransomware attack would look like - what would you say? Most people grossly underestimate the cost. For context, let’s look at what happened just a few days ago with Cognizant - they’re estimating it’ll cost them between 50 and 70 million dollars to recover. That is definitely going to hammer their second quarter earnings.

Despite what we’d like to believe, ransomware and the costs associated with recovery are not uncommon and they are not insignificant. Norsk Hydro was hit just as hard in 2019, when a ransomware attack caused close to $70 million in lost revenue. And that’s just the losses. That doesn’t include the actual ransom payments.

In 2020, it is estimated that nearly $1.4 billion will be spent on ransomware costs in the U.S. alone. Global estimates vary greatly but some point to a possible $170 billion total price tag this year.

It is no surprise that ransomware has become a not-so-hidden, and clearly not silent, threat to the security of our data. Gone are the days when cybercriminals would focus their attention on large institutions with massive banks of private data, money reserves, and the ability to liquidate quickly.

Today, while some industries get hit harder than others, all industries are fair game, and ransomware assaults show no signs of slowing down. The price to get your own data from attackers’ hands is on the rise, and so is the threat to release that information to the public. And what we thought would happen in 2020 seems to be becoming a reality.

5 Trends That Were Projected and Are Now a Reality

Prepare for the Inevitable

“I’d rather have it and not need it, than need it, and not have it.” Smart line from a decent sci-fi movie but all too true, regardless of the situation.

Now is the time to make sure you have top of the line software protections, test your systems, backup your data regularly, and establish “set in stone” protocols for staff. Prepare for ransomware before it happens, and that means training, mock drills, and planning.

Educate Yourself and Your Team

Knowledge is power, and no one can take it from you.Do your homework. Stay on top of the latest attack methods and types and share them with staff. Training and reminders are key to preventing mistakes. You may not be the one who opens the phishing email labelled “COVID-19 Update,” but someone less careful might. And there goes your data!

Find a Trusted Expert to Follow

If you don’t know how, find someone who does – now! No one knows everything and a strong leader always develops a team that speaks to the organization’s strengths and combats its weaknesses. If you don’t have the answer, find someone, or a team, who does. If you have holes in your security, now is the time to fill the gaps and increase training. If you don’t, opportunistic cybercriminals will be ready to invade your system and hold you hostage.