Companies Increase IT Security Spending as Ransomware Rises


Companies Increase IT Security Spending as Ransomware Rises

By Greg Tavarez

Financial records, customer data and intellectual property. These are the shining jewels among sensitive company data, and the investment and effort put into protecting these jewels are the difference between company success and failure.

It’s to no one’s surprise that companies are increasing their IT spending to boost security. Almost two-thirds of companies increased IT security spending from 2021-22 according to GetApp’s “2022 Data Security Report,” and 78% of companies say their security budget is appropriately funded.

Whether they actually are well-enough funded remains to be seen, but certainly, seeing the increased spending in security is an encouraging sign considering the rise in ransomware attacks. More than half of organizations experienced a ransomware attack in 2022, an increase from 35% in 2021. However, the percentage of ransom payments declined. Close to two-thirds of companies paid the ransom in 2022 compared to 72% in 2021. It’s still a much higher number than it should be, but the decline is promising.

The decrease in ransom payments is likely attributed to more companies successfully decrypting data and removing the malware or recovering from the attack by using a backup without paying a ransom. That means there is still work to be done on the security front.

An area companies need to improve on to prevent attacks, though, is phishing schemes. They reached a critical point in 2022. The percentage of companies reporting phishing increased from 77% to 89%, and a worrying concern is the number of companies that report someone actually clicking a link in a phishing email — up from 64% to 81% in only the last year. The percentage of employees clicking on phishing links jumped from 43% to 81% in the last three years.

Cyber attackers’ tactics are becoming smarter, but it shows companies need to prioritize email security based on these stats alone, and educate staff on the increasingly sophisticated social engineering strategies that threat actors use in phishing emails – like the one that resulted in the recent Uber breach.

In fact, they are taking that initiative to fight back by using phishing tests to gauge and address employee vulnerabilities to phishing ploys. The percentage of companies that use phishing tests rose from 30% in 2019 to 70% in 2022. Multi-factor authentication is also being implemented to mitigate many of the most common data security threats, including phishing attacks.

Bad actors in ransomware attacks will always look for new ways to infiltrate businesses and steal sensitive data and threaten to release that information unless a ransom is paid. Despite ransomware rising by a decent percentage in 2022, it’s good to see companies taking the initiative with cybersecurity. Of course, there is work to do yet, but educating employees and investing into IT cybersecurity is an encouraging practice to help mitigate attacks.

Edited by Erik Linask

MSPToday Editor

Related Articles

Unifi Connects Employees to T-Mobile 5G Network

By: Greg Tavarez    9/28/2022

Unifi selected T-Mobile and Hyperion for a Managed Mobility program to give employees a personal 5G smartphone.

Read More

Teams Direct Routing for MSP Revenue

By: Gary Audin    9/27/2022

Team Direct Routing is a way to connect Microsoft's Phone System to the PSTN via an existing PBX, Unified Communications system, or a third-party tele…

Read More

End-User Privacy and Mobile Security Coexist in Q-Scout

By: Greg Tavarez    9/27/2022

Quokka believes end-user privacy and mobile security should coexist in a secure BYOD network and launched Q-Scout to provide proactive, privacy-first …

Read More

CrowdStrike Intros Partner Progam, Adds Elite Tier for Business Growth

By: Stefania Viscusi    9/27/2022

The CrowdStrike Powered Service Provider Program (CPSP) includes value-added solution bundles and is adding an elite tier to incentivize MSPs.

Read More

Escalating Ransomware Diminishes Organizations' Confidence

By: Greg Tavarez    9/26/2022

SpyCloud revealed in its "2022 Ransomware Defense Report" that 90% of organizations were affected by ransomware in some capacity over the past 12 mont…

Read More