New Ransomware Survey Says Companies Still Don’t Believe They are Targets

OpenText has released the results of its annual 2023 OpenText Cybersecurity Global Ransomware Survey. Findings show a similarity in how small-to-medium sized businesses (SMBs) and enterprises (more than 1,000 employees) think about ransomware attacks, including a disconnect about who is a target and growing concern about the use of artificial intelligence (AI) by threat actors. While the majority of organizations don’t believe they will be attacked, they do understand the business risks as evidenced by increased security spending and plans to expand security teams.

“The conviction ‘it won’t happen to me’ is a risky mindset,” said Prentiss Donohue, Executive Vice President of OpenText Cybersecurity. “While many businesses take the right defensive steps like using access controls, deploying backup and monitoring for threats, a layered security approach that includes education remains the best defense against ransomware. Ongoing education of the risks as well as the techniques used to perpetuate an attack is essential to avoid falling victim.”

Almost half of SMBs and enterprises (46% each) have experienced a ransomware attack, yet 65% of SMBs don’t think or aren’t sure they are a ransomware target; a slight increase from 59% in 2022. More than half (54%) of enterprises also don’t think, or aren’t sure, they are a ransomware target. While SMBs and enterprises don’t think they are targets, both are still very concerned about ransomware attacks and the use of AI by threat actors, according to the report.

Despite these findings, 90% of SMBs are extremely or somewhat concerned about a ransomware attack. This is a slight increase from the previous year’s 88%. Similarly, most enterprises (87%) are extremely or somewhat concerned about a ransomware attack. Over half (54%) of SMBs and enterprises feel more at risk of suffering a ransomware attack from increased AI use by threat actors.

More than half (57%) of SMBs plan to increase their security budget in 2024. Of these, 40% plan to increase budgets by 5 to 10%; and 33% plan to increase budgets by 10 to 20%.

Similarly, 53% of enterprises plan to increase their security budget in 2024. Of these, 37% plan to increase budgets by 5 to 10%; 31% plan to increase budgets by 10 to 20%.

OpenText Cybersecurity polled 2,016 security, IT professionals, and business leaders from small and medium-sized businesses (SMBs) with up to 1,000 employees, and enterprises with more than 1,000 employees in the United States, the United Kingdom, and Australia from September 27 to October 17, 2023.

Channel Impact^®
The data, particularly as relates to budget increases, demonstrates a solid market opportunity for channel partners.