46% of Enterprises Experience Four or More Ransomware Attacks in a Single Year, Affecting ERP Applications and Systems 89% of the Time
August 27 2024 - 3:00AM
Business Wire
New Research Finds Ransomware Remains a Mission
Critical Issue as 61% of Companies Deal with at Least 24 Hours of
Downtime Following an Attack
Onapsis, the global leader in business-critical application
security, today announced new research investigating how
enterprises are experiencing and managing ransomware attacks:
ERP Security in the Age of AI-Enhanced Ransomware. The
results drew on insights from 500 cybersecurity practitioners,
manager and above, at enterprise organizations with 500 or more
employees across the UK and DACH.
The research found that ransomware is an all-too-common
occurrence: 83% of organizations have experienced at least one
ransomware attack in the last year, 46% of respondents experienced
four or more and 14% indicated they experienced 10 or more. Of
those respondents who experienced at least one ransomware attack in
the last year, 61% said it resulted in downtime of at least 24
hours.
Enterprises Can’t Rely on the Integrated Security of ERP
Solutions
Of those organizations that experienced ransomware attacks, 89%
said their Enterprise Resource Planning (ERP) applications and
systems were affected by the attack at least once. The majority of
respondents realize this is a business-critical issue with 93% of
respondents agreeing it’s necessary to have a dedicated ERP
security solution.
Growing Concern Amid AI-Enabled Threats and Impact of ERP
Disruptions
According to Gartner®, AI-enhanced malicious attacks was the top
most commonly cited concern in the first quarter of 2024 based on
the research firm’s emerging risk rankings.*
“While the volume of these attacks isn’t surprising, the
increasing impact to ERP applications is notable and it will only
get worse amidst AI-enabled threats,” said Mariano Nunez, CEO of
Onapsis. “This is a reflection of ransomware actors realizing that
disrupting ERP and business-critical applications gives them the
most leverage, as downtime is measured in millions of dollars per
hour at large organizations. The research is also very clear in
that generic security solutions on the market are falling short.
Enterprises need a purpose-built, comprehensive solution that
protects their mission-critical ERP platforms from this increasing
threat.”
A View into how Companies are Handling Ransomware
When asked if they communicated with the threat actor executing
the ransomware attack, the majority (69%) said yes. As for whether
organizations are paying the ransom, respondents were split with
34% paying every time, 21% paying only some of the time and 45%
never paying. Many organizations are turning to outside support to
help manage ransomware with 83% of respondents who paid the ransom
at least once, saying they have worked with a ransomware
broker.
Ransomware has become so prevalent and problematic, 96% of
organizations realized they’ve needed to make changes to their
security strategy. When asked how ransomware has influenced their
cybersecurity investment:
- 57% invested in new solutions
- 54% invested in employee training
- 53% added more cybersecurity staff internally
- 36% hired an outside threat research team
To view the full data, visit: ERP Security in the Age of
AI-Enhanced Ransomware
Methodology
The survey was conducted among 500 Cybersecurity DMs, Manager
and above from organisations with 500+ employees across UK and
DACH. The interviews were conducted online by Sapio Research in
June and July 2024 using an email invitation and an online survey.
Results of any sample are subject to sampling variation. The
magnitude of the variation is measurable and is affected by the
number of interviews and the level of the percentages expressing
the results. In this particular study, the chances are 95 in 100
that a survey result does not vary, plus or minus, by more than 4.4
percentage points from the result that would be obtained if
interviews had been conducted with all persons in the universe
represented by the sample. Sample was selected from Online partner
panels.
*Gartner Press Release, Gartner Survey Shows AI-Enhanced
Malicious Attacks Are a New Top Emerging Risk for Enterprises, May
22, 2024.
GARTNER is a registered trademark and service mark of Gartner,
Inc. and/or its affiliates in the U.S. and internationally and is
used herein with permission. All rights reserved.
About Onapsis
Onapsis protects the business applications that run the global
economy. The Onapsis Platform delivers vulnerability management,
change assurance, and continuous compliance for business
applications from leading vendors such as SAP, Oracle, and others.
The Onapsis Platform is powered by the Onapsis Research Labs, the
team responsible for the discovery and mitigation of more than
1,000 zero-day vulnerabilities in business applications.
Connect with Onapsis on LinkedIn, X, or visit
https://www.onapsis.com
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240827395975/en/
10Fold Communications Onapsis@10Fold.com