VLCM valued cybersecurity partner Sophos recently released The State of Ransomware in Financial Services 2022 report, which offers fresh insights into ransomware attacks, costs, recovery, and ransom payouts affecting financial services organizations over the last year.
The report is based on a Sophos annual study of the real-world ransomware experiences of IT professionals, of which 444 respondents came from the financial services sector, working in mid-sized companies (100-5,000 employees) across 31 countries.
The study reveals an increasingly challenging attack environment, and the growing financial and operational burden ransomware is placing on financial services organizations. It also sheds light on the relationship between ransomware and cyber insurance, including the role cyber insurance is playing in driving changes to cyber defenses.
Here are the key findings from the report:
- Ransomware attacks on financial services have increased – 55% of organizations were hit in 2021, up from 34% in 2020
- The increased attack rate is part of a cross-sector, global trend. Even though the attack rates are higher in 2021, financial services reported the lowest attack rates of all sectors
- Financial services reported the second-lowest rate of data encryption at 54%. The global average was 65%, for comparison
- 52% of financial services organizations paid the ransom to restore data, which is higher than the global average of 46%
- The amount of data restored by financial services has remained constant at 63% across 2020 and 2021; the global average is 61%. However, the percentage of financial services organizations that got ALL their encrypted data back went up from 4% in 2020 to 10% in 2021. For comparison, the global average in 2021 was just 4%
- The rate of ransom payment by the financial services sector more than doubled: up from 25% in 2020 to 52% in 2021. The global average in 2021 was 46%
- The average remediation cost in financial services was US$1.59M, which is above the global average of US$1.4M
- 83% of financial services organizations reported having cyber insurance coverage against ransomware, which is in line with the global average
- Cyber insurance is driving financial services to improve cyber defenses – 98% of financial services organizations have upgraded their cyber defenses to secure coverage
- Financial services has one of the lowest ransom payout rates by insurers: 32% compared to 40% across all sectors
The increasing rate of ransomware attacks in financial services demonstrates that adversaries have become considerably more capable of executing attacks at scale by successfully deploying the ransomware-as-a-service model.
Most financial services organizations are choosing to reduce the financial risk associated with such attacks by taking cyber insurance. For them, it’s reassuring to know that insurers pay some costs in almost all claims. However, the sector has one of the lowest ransom payout rates by insurers.
It’s getting harder for organizations, especially in the financial services sector, to secure coverage. This has driven almost all financial services organizations to make changes to their cyber defenses to improve their cyber insurance positions.
Read the full report: The State of Ransomware in Financial Services 2022