Cloud Security

Nearly two-thirds of ransomware victims paid ransoms last year, according to “2022 Cyber ​​Threat Defense Report”

Nearly two-thirds of ransomware victims paid ransoms last year, according to “2022 Cyber ​​Threat Defense Report”
Written by ga_dahmani
Nearly two-thirds of ransomware victims paid ransoms last year, according to “2022 Cyber ​​Threat Defense Report”

ANNAPOLIS, Md.–(COMMERCIAL WIRE)–CyberEdge Group, a leading research and marketing company serving the top vendors in the cyber security industry, today announced the release of its ninth annual Cyber ​​Threat Defense Report (CDR). The award-winning CDR is the standard for evaluating the security posture of organizations, measuring the perceptions of information technology (IT) security professionals, and determining current and planned investments in IT security infrastructure, across all industries. and geographic regions.

Funding of the ransomware industry

A record 71% of organizations were hit by successful ransomware attacks last year, according to the 2022 CDR, up from 55% in 2017. Of those that fell victim, nearly two-thirds (63%) paid the ransom demanded , compared to 39% in 2017.

As for why more organizations today, such as Colonial Pipeline, CNA Financial, and JBS Holdings, are paying ransoms, CyberEdge offers three explanations:

  • Threat to expose exfiltrated data. Most modern ransomware attacks not only encrypt compromised data, but also leak it. Failure to pay a ransom can, and has, resulted in the public exposure of highly sensitive data, to the embarrassment of its victims.
  • Lower recovery cost. Many organizations find that paying a ransom is significantly less expensive than bearing the high cost of system downtime, customer outages, and potential lawsuits stemming from publicly exposed sensitive data.
  • Greater confidence for data recovery. Nearly three-quarters (72%) of victims who paid ransom had their data recovered in the past year, up from 49% in 2017. This increased confidence in successful data recovery is often factored into the decision to pay the ransom. bailing out.

“These days, falling victim to ransomware is more a matter of ‘when’ than ‘if,’” says Steve Piper, founder and CEO of CyberEdge Group. “Deciding whether to pay a ransom is not easy. But if you plan ahead and carefully, that decision can be made long before a ransomware attack. At a minimum, a decision framework must be in place so that precious time is not wasted as the ransom payment deadline approaches.”

People’s problems persist

Each year, CyberEdge asks respondents to rate potential inhibitors that prevent them from adequately defending their organizations from cyber threats. This year, “lack of qualified personnel” and “low safety awareness among employees” were the top-rated concerns, as they have been for the past three years. In other words, the two biggest persistent problems are not related to budget or technology, but to people.

According to this year’s CDR, 84% of responding organizations are experiencing a shortage of qualified IT security personnel. IT security administrators (41%), IT security analysts (33%), and IT security architects (32%) are in highest demand. In addition, too many organizations teach their employees how to evade email and web-based cyber threats when they are hired, but fail to follow up with additional regular training to reinforce lessons learned. This oversight poses a huge risk to organizations, as most data breaches come from poorly trained employees.

Additional Key Findings

The 2022 CDR yielded dozens of additional insights, including:

  • Increased spending on security. A staggering 83% of responding organizations are experiencing growth in their security budgets, up from 78% last year. The average security budget has grown by 4.6% in 2022, compared to 4.0% in 2021.
  • The most advanced security technology for 2022. CyberEdge tracks security organizations’ current and planned investments in five technology categories. Among the most sought-after security technologies in 2022 are next-generation firewalls (network security), deception technology (endpoint security), bot management (application and data security), advanced security analytics (management and security operations) and biometrics (identity). and access management).
  • The weakest links this year. Mobile devices, industrial control/supervisory control and data acquisition (ICS/SCADA) systems, and Internet of Things (IoT) devices top this year’s list of IT components that are most difficult to protect .
  • Look at those APIs. Solutions to secure application programming interfaces (APIs) are adopted by nearly two-thirds (64%) of organizations.
  • PII and credentials at risk. Among attacks on web and mobile applications, harvesting of personally identifiable information (PII) and account takeover (ATO) attacks are the most frequent and worrying.
  • Hybrid cloud security issues. “Detecting unauthorized use of applications” (46%) and “detecting and responding to cyber threats” (45%) top the list of hybrid cloud security challenges.
  • Specialty certifications in demand. Nearly all (99%) of the research participants agreed that achieving an IT security specialty certification would boost their careers. Cloud security and software security topped the list of most in-demand specialty certifications.
  • Application integration and data security. “Improved cloud security posture” and “improved security incident investigations” were cited as the main benefits achieved by integrating application and data security into a unified platform.
  • Protecting work from home (FMH). To protect employees who work from home, security teams rely on antivirus and VPN products, as well as SD-WAN, network access control (NAC), and mobile device management (MDM) solutions.
  • Adopt emerging technologies. The vast majority of organizations have adopted emerging security technologies such as SD-WAN (82%), zero-trust network architectures (77%), and Security Access Services Edge (SASE) (73%).

About the CDRs

In November 2021, 1,200 IT security professionals and decision makers completed a 27-question online survey. Each participant was employed by a commercial or government entity with a minimum of 500 employees. Participants came from six geographic regions: North America, Europe, Asia Pacific, the Middle East, Latin America, and Africa.

The CDR measures perceptions about cyber threats and determines future plans to improve security and reduce risk. It enables IT security professionals to compare their company’s security posture, operating budget, product investments, and best practices with peers in their industry and geographic region.

CDR 2022 is supported by leading information security providers:

  • Platinum Sponsors: (ISC)twoGigamon, Imperva, Menlo Security, PerimeterX and ThreatX

  • Gold Sponsors: Aqua Security, Attivo Networks, ConnectWise, Delinea, LookingGlass Cyber ​​Solutions, Netsurion, and PhishLabs by HelpSystems

  • Silver Sponsors: Agari from HelpSystems, Binary Defense, Drawbridge, Eclypsium, Netwrix, SailPoint, and Telos Corporation

Now available

The 2022 Cyber ​​Threat Defense Report is available through all sponsors or by visiting the CyberEdge Group website at

About the CyberEdge group

CyberEdge Group is an award-winning marketing and research consulting firm serving the diverse needs of information security vendors and service providers. Headquartered in Annapolis, Maryland, with more than 60 consultants in North America, CyberEdge works with approximately one in six IT security vendors. The company’s annual Cyberthreat Defense report provides information security decision-makers and professionals with an unbiased, actionable view of how enterprises and government agencies are defending their networks in today’s complex cyberthreat landscape. For more information visit

The CyberEdge Group name and logo are trademarks of CyberEdge Group, LLC in the United States and other countries. All other trademarks and service marks are the property of their respective owners.

About the author


Leave a Comment