Only 7% of Organizations Can Restore Data Processes within 1-3 Days After a Ransomware Attack

New data on how organizations are able to respond to ransomware attacks also shows that paying a ransom is highly likely, despite having a policy of “Do Not Pay.”

Research data from security vendor Cohesity says organizations are overconfident in their ability to recover from a ransomware attack.

According to the data:

• 0% of organizations can recover within 24 hours
• 7% need 1-3 days
• 35% need 4-6 days
• 34% need 1-2 weeks
• 24% need over 3 weeks

And even if you do have an outstanding recovery plan, when’s the last time you tested it?  According to Cohesity’s data, 46% of organizations haven’t tested their recovery plan in the last 12 months.

And what about paying ransoms? 94% of organizations said they’d consider paying a ransom, despite 84% of organizations having a “do not pay” policy in place.

This data suggests that organizations will pay a price monetarily and operationally if they are hit by a ransomware attack. The far less costly path is minimizing the possibility of ransomware attack, which includes vulnerability management, a layered set of security controls and security awareness training to make your users part of the answer.