Eighty percent of organisations surveyed have been attacked by ransomware in the past two years

Johannesburg, 23 May 2022

With eight out of 10 global organisations reporting being attacked by ransomware in the past two years, Mimecast research is shining a spotlight on how organisations are responding to the scourge of ransomware, how prepared they are for these attacks and how likely they are to pay the ransom.

In Mimecast's State of Ransomware Readiness report, more than a third of global organisations admitted to paying the ransom, with a third of these believing it is cheaper in the long run to pay the ransom following a successful attack. "Organisations primarily choose to pay the ransom because they believe they can recover the data," says Andrew Williams, cyber security expert at Mimecast. "However, only half of global companies – and a third of South African ones – get all their data back after paying a ransom."

The research tracked responses from IT and security executives in Australia, Canada, Germany, the Netherlands, Nordics, South Africa, the US and the UK. It found that "37% of global companies – and a quarter of South African ones – believe they can get their money back. But interestingly, less than one-third of global companies we surveyed actually recovered their money after paying the ransom. And paying only emboldens threat actors to launch more of these attacks and helps fund their criminal enterprise.”

New data from Mimecast's State of Email Security 2022 report found that 60% of South African organisations had suffered a ransomware attack in the past 12 months, up from 47% in 2020. "Respondents experienced an average of nearly 11 days of downtime due to attacks, during which time they suffered business disruption, lost productivity, damage to their reputations and more. The cost of these attacks is growing and an organisation’s best defence is to have adequate protections and recovery capabilities in place."

Williams says no single solution can provide adequate protection against ransomware – or restore full productivity in the wake of a successful attack. It’s not enough to tick off boxes by implementing various cyber security solutions without a robust strategy in place. The tools need to be integrated, work together and show value in minimising risk for the business.

“Considering the growing volume of ransomware attacks and the extensive reporting of successful attacks on local and international organisations, it was startling to note that less than half (47%) of South African organisations have a backup system in place, and only 36% have a disaster recovery plan in place to help the organisation bounce back after a successful attack.”

Williams adds that executives also need to lead a culture change within South African organisations that puts safe online practices and high levels of cyber security awareness at its core. “Employees are an important asset in the fight against all types of cyber attack, including ransomware. Regular and effective cyber security awareness training for all employees, in addition to improved security controls, can help improve the overall resilience of the business and prevent or help limit the damage of these attacks and remove the need to pay ransoms, which are no guarantee of the business restoring their systems or getting their data back.”

Mimecast’s Brian Pinnock will be discussing how businesses can build a defensible cyber security strategy at this year’s ITWeb Security Summit. IT decision-makers can learn how to ensure the implementation of security and recovery solutions is not just a tick-box exercise, but rather a defensible strategy that shows meaningful impact and lowers risk for the organisation.

Mimecast is the Urban Café sponsor of the annual ITWeb Security Summit 2022 to be held at Sandton Convention Centre, in Sandton, Johannesburg on 31 May and 1 June 2022 and a Silver sponsor at Century City Conference Centre, Cape Town on 6 June 2022. Now in its 17th year, the summit will again bring together leading international and local industry experts, analysts and end-users to unpack the latest threats. Register today.