The cost of ransomware-related downtime has increased more than 200 percent
- Published: Friday, 18 October 2019 09:18
Datto, Inc., has announced findings from its fourth annual Global State of the Channel Ransomware Report. The survey of more than 1,400 MSP decision makers that manage the IT systems for small-to-medium-sized businesses (SMBs) found that ransomware remains the most common cyber threat to SMBs.
Key findings from the report include:
- Ransomware attacks are pervasive. The number of ransomware attacks against SMBs is on the rise. 85 percent of managed service providers (MSPs) reported attacks against SMBs over the last two years, compared to 79 percent of MSPs who reported the same in 2018. In the first half of 2019 alone, 56 percent of MSPs reported attacks against SMB clients.
- A disconnect exists on the significance of ransomware as a threat. 89 percent of MSPs report that SMBs should be very concerned about the threat of ransomware. However, only 28 percent of MSPs report SMBs are very concerned about the threat.
- The cost of ransomware is significant. 64 percent of MSPs report experiencing a loss of business productivity for their SMB clients while 45 percent report business-threatening downtime. The average cost of that downtime is $141,000, a more than 200 percent increase over last year’s average downtime cost of $46,800. The report also uncovered that the cost of downtime is now 23 times greater than the average ransom request of $5,900.
- One of the most basic and effective controls when it comes to ransomware preparation is being underutilized. MSPs report enabling 2FA on only 60 percent of email clients and 61 percent of password managers, despite the fact that the majority of MSPs (67 percent) claim phishing emails are the leading cause of ransomware breaches at SMBs.
- Business continuity and disaster recovery solutions have continued to prove to be the most effective in lessening the impact of a ransomware attack. 92 percent of MSPs report that their clients with BC and DR solutions in place are less likely to experience significant downtime during an attack. In addition, four out of five MSPs state victimized clients with BC and DR tools in place recovered from an attack in 24 hours or less, while less than one in five MSP clients without BC and DR were able to do the same.