OpenText Cybersecurity 2023 Global Ransomware Survey: The risk perception gap

The cyber landscape continues to evolve at lightning speed; attacks are more frequent and increasingly sophisticated. And while the use of large language models and…

Grayson Milbourne profile picture
Grayson Milbourne

November 15, 20233 minute read

The cyber landscape continues to evolve at lightning speed; attacks are more frequent and increasingly sophisticated. And while the use of large language models and generative AI in cybersecurity are still in the early stages, they open the door for attackers with lower skillsets to achieve new capabilities through the generation of malicious code, as well as simplifying especially cunning and effective phishing attacks. Businesses recognize these threats, yet findings of the OpenText™ Cybersecurity 2023 Global Ransomware Survey paints a conflicting picture among small-to-medium businesses (SMBs) and enterprises (more than 1,000 employees) as to who is a target.   

While awareness about ransomware risk is concerning, all is not bleak. Findings show SMBs and enterprises are advancing their defenses with plans to increase security budgets and invest in personnel, including leveraging the channel to offset the skills shortage. 

A contradictory mindset: 

A majority of SMBs (90%) and enterprises (87%) feel extremely or somewhat concerned about ransomware attacks. 46% of SMBs and enterprises report experiencing a ransomware attack this year. 54% of respondents believe they are more at risk of an attack due to threat actors leveraging AI.  

Despite concerns, there is a serious disconnect as a surprising 65% of SMBs and 54% of enterprises either don’t believe or aren’t sure they are ransomware targets.  

Common ground: 

SMBs and enterprises share a similar view on how to handle ransom demands. 64% percent of SMBs and 70% of enterprises do not believe in paying a ransom. Similarly, 79% of SMBs and 82% of enterprises have established recovery plans to mitigate successful ransomware attacks which indicates they are taking proactive steps in the event an attack occurs.  

Taking cybersecurity seriously: 

The good news is that businesses of all sizes are making investments to improve their security postures. Despite a well-documented cybersecurity talent shortage, SMBs (44%) and enterprises (43%) plan to expand their security teams next year. As a workaround to the shortage, businesses are turning to the channel. 52% of SMBs and 42% of enterprises report outsourcing security to an MSP or channel provider. 

While 65% of businesses also believe their security sectors are adequately funded, SMBs (57%) and enterprise (53%) plan to increase security spend in 2024. 40% of SMBs (37% of enterprises) aim to increase budgets by 5-10%; and 33% of SMBs (31% of enterprises) plan a 10-20% increase.  

Setting priorities: 

Not surprising, cloud security remains a top concern—and key investment priority— for both SMBs (55%) and enterprises (59%).  

SMBs ranked cloud security first, followed by security awareness training (52%), network protection (48%) and then email security (45%). A slight variation of priorities, enterprises ranked network protection (62%) first, followed by cloud security  Security staffing was third (56%) and security awareness training was fourth (52%). These numbers are encouraging as they indicate businesses understand a layered approach to security is most effective.  

Closing the awareness gap: 

Businesses are also investing in more frequent security awareness training; SMBs are conducting training at nearly the same pace as enterprises.  

83% of SMBs require employees to take security awareness or phishing training. Of these respondents, 38% conduct training quarterly and 41% twice a year. A majority (96%) of enterprises require regular security awareness or phishing training. Of these respondents, 40% of enterprises conduct security awareness training once per quarter and 34% twice a year. An increased focus on security awareness training is encouraging news given the disconnect over who is a target. 

Share this post

Share this post to x. Share to linkedin. Mail to
Grayson Milbourne avatar image

Grayson Milbourne

Grayson Milbourne is the Security Intelligence Director at OpenText Cybersecurity, a division of OpenText. Grayson’s nearly two decades of security intelligence expertise include malware analysis, data science, and security education. In his current role, Grayson is focused on efficacy development to ensure the company’s security management products (which include the Webroot portfolio) are able to defend against the most cutting-edge threats. He is a longtime advocate for better 3rd party testing of security products and represents OpenText Security Solutions at the Anti-Malware Testing and Standards organization, AMTSO. Through his efforts, AMTSO released testing standards that greatly improved testing quality when followed. Grayson is an avid participant in the security community and drives awareness of current threats by speaking at major events such as RSA and Virus Bulletin. He is a frequent guest on local NBC affiliates and several cybersecurity podcasts. Beyond his passion for protecting people from cyberthreats, Grayson loves aviation and holds a private pilot license. His other passions include strategic boards games, skiing and playing golf. He lives in Louisville, Colorado with his wife, Danielle and their two cats, Theodore and Aiden.

See all posts

Stay in the loop!

Get our most popular content delivered monthly to your inbox.