{"id":16262,"date":"2021-10-06T08:15:13","date_gmt":"2021-10-06T08:15:13","guid":{"rendered":"https:\/\/web3unplugged.io\/blog\/?p=16262"},"modified":"2021-10-06T08:15:19","modified_gmt":"2021-10-06T08:15:19","slug":"financial-services-organizations-hit-by-ransomware-face-more-than-2-million-in-recovery-costs-sophos-survey-shows","status":"publish","type":"post","link":"https:\/\/web3unplugged.io\/blog\/financial-services-organizations-hit-by-ransomware-face-more-than-2-million-in-recovery-costs-sophos-survey-shows\/","title":{"rendered":"Financial Services Organizations Hit By Ransomware Face More Than $2 Million In Recovery Costs, Sophos Survey Shows"},"content":{"rendered":"\n<p><a href=\"https:\/\/www.sophos.com\/en-us.aspx\">Sophos<\/a>,a global leader in next-generation cybersecurity, today announced findings from its survey report, \u201c<a href=\"https:\/\/www.sophos.com\/en-us\/medialibrary\/PDFs\/Whitepaper\/sophos-state-of-ransomware-financial-services-2021-wp.pdf\">The State of Ransomware in Financial Services<\/a> 2021,\u201d that show how mid-sized financial services organizations worldwide spent more than $2 millionon average recovering from a ransomware attack. This figure exceeds the global average of $1.85 million, even though the results also show the financial sector is among the most resilient against ransomware. Nearly two-thirds (62%) of victims surveyed in this sector were able to restore their encrypted data from backups. The survey studied the extent and impact of ransomware attacks during 2020.<\/p>\n\n\n\n<p>Other findings include:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>34% of the financial services organizations surveyed were hit by ransomware in 2020<\/li><li>51% of the organizations impacted said the attackers succeeded in encrypting their data<\/li><li>Only 25% paid the ransom demanded to get their encrypted data back. This is the second lowest payment rate of all industries surveyed. The global average was 32%<\/li><\/ul>\n\n\n\n<p>Financial services is among the most highly regulated industries in the world. Organizations must adhere to myriad regulations, including <a href=\"https:\/\/www.sarbanes-oxley-101.com\/sarbanes-oxley-audits.htm\">SOX<\/a>, <a href=\"https:\/\/gdpr-info.eu\/\">GDPR<\/a>, and <a href=\"https:\/\/www.pcisecuritystandards.org\/\">PCI DSS<\/a>, that include pricey penalties for non-compliance and data breaches. Many of these organizations are also required to prepare business continuity and disaster recovery plans to minimize any potential damage from data breaches or operational disruptions stemming from a cyberattack.<\/p>\n\n\n\n<p>\u201cStrict guidelines in the financial services sector encourage strong defenses,\u201d said John Shier,senior security advisor, Sophos. \u201cUnfortunately, they also mean that a direct hit with ransomware is likely to be very costly for targeted organizations. If you add up the price of regulatory fines, rebuilding IT systems and stabilizing brand reputation, especially if customer data is lost, you can see why the survey found that recovery costs for mid-sized financial services organizations hit by ransomware in 2020 were in excess of $2 million.<\/p>\n\n\n\n<p>\u201cTwo other slightly worrying data points are the fact that a small, but significant, 8% of financial services organizations experienced what are known as \u2018extortion\u2019 attacks, where data is not encrypted, but stolen and victims are threatened with the online publication of their data unless they pay the ransom. Backups cannot protect against this risk, so financial services organizations should not rely on them as an anti-extortion defense. Further, 11% of the financial organizations surveyed believe they won\u2019t get hit because they are \u2018not a target.\u2019 This is a dangerous perception because anyone can be a target. The best approach is to assume you will be a target and to build your defenses accordingly.\u201d<\/p>\n\n\n\n<p>Of the financial services organizations that believe they\u2019ll be hit by ransomware in the future, 47% said this is because attacks are now so sophisticated they have become harder to stop. Forty-five percent feel they\u2019ll become a target because other organizations in their industry have already been targeted with ransomware. Forty percent believe that since ransomware is so prevalent, it is inevitable they\u2019ll get hit by the cybercrime.<\/p>\n\n\n\n<p>\u201cThe financial sector has too much at stake to not set up an indepth defensive plan to protect, dectect and blockcyber attackers,\u201d said Shier. \u201cWhile they should continue to invest in backups and their disaster recovery efforts to minimize the impact of an attack, they should also look to extend their anti-ransomware defenses by combining technology with human-led threat hunting to neutralize today\u2019s advanced human-led cyberattacks.\u201d<\/p>\n\n\n\n<p>The \u201cSate of Ransomware in Financial Services 2021\u201d report is available on <a href=\"https:\/\/www.sophos.com\/en-us\/medialibrary\/PDFs\/Whitepaper\/sophos-state-of-ransomware-financial-services-2021-wp.pdf\">Sophos.com<\/a>.<\/p>\n\n\n\n<p>The State of Ransomware in Financial Services 2021 survey polled 5,400 IT decision makers, including 550 in financial services organizations, in 30 countries across Europe, the Americas, Asia-Pacific and Central Asia, the Middle East, and Africa.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sophos,a global leader in next-generation cybersecurity, today announced findings from its survey report, \u201cThe State of Ransomware in Financial Services 2021,\u201d that show how mid-sized financial services organizations worldwide spent more than $2 millionon average recovering from a ransomware attack. This figure exceeds the global average of $1.85 million, even though the results also show [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":16264,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"none","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-16262","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"rttpg_featured_image_url":{"full":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/10\/John-Shier-Sophos-Sr-Research-Scientist.jpg",640,428,false],"landscape":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/10\/John-Shier-Sophos-Sr-Research-Scientist.jpg",640,428,false],"portraits":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/10\/John-Shier-Sophos-Sr-Research-Scientist.jpg",640,428,false],"thumbnail":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/10\/John-Shier-Sophos-Sr-Research-Scientist-150x150.jpg",150,150,true],"medium":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/10\/John-Shier-Sophos-Sr-Research-Scientist-300x201.jpg",300,201,true],"large":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/10\/John-Shier-Sophos-Sr-Research-Scientist.jpg",640,428,false],"1536x1536":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/10\/John-Shier-Sophos-Sr-Research-Scientist.jpg",640,428,false],"2048x2048":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/10\/John-Shier-Sophos-Sr-Research-Scientist.jpg",640,428,false],"post-thumbnail":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/10\/John-Shier-Sophos-Sr-Research-Scientist.jpg",628,420,false],"graptor-sq-xs":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/10\/John-Shier-Sophos-Sr-Research-Scientist.jpg",100,67,false]},"rttpg_author":{"display_name":"admin","author_link":"https:\/\/web3unplugged.io\/blog\/author\/admin\/"},"rttpg_comment":0,"rttpg_category":"<a href=\"https:\/\/web3unplugged.io\/blog\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","rttpg_excerpt":"Sophos,a global leader in next-generation cybersecurity, today announced findings from its survey report, \u201cThe State of Ransomware in Financial Services 2021,\u201d that show how mid-sized financial services organizations worldwide spent more than $2 millionon average recovering from a ransomware attack. This figure exceeds the global average of $1.85 million, even though the results also show&hellip;","_links":{"self":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/16262","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/comments?post=16262"}],"version-history":[{"count":1,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/16262\/revisions"}],"predecessor-version":[{"id":16265,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/16262\/revisions\/16265"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/media\/16264"}],"wp:attachment":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/media?parent=16262"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/categories?post=16262"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/tags?post=16262"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}