30% Of Business Leaders Would Pay Ransom

The recently released  Risk: Value Report 2019, by NTT Security, examined the attitudes of more than 2,200 non-IT decision makers to risk and value of cybersecurity to the business across 20 countries. 

The findings revealed cyber-security threats are at the top of the agenda for business leaders, with cyber-attacks (43%) on the top, followed by data loss or theft (37%), and attacks on critical infrastructure (35%). 

Respondents had stated that these cybersecurity issues could affect their organisation in the next 12 months, and thus impacting the organisation more likely than other global issues such as terrorism and government failure. 

It is evident that organisations want to address cybersecurity concerns, with respondents stating that strong information and protecting data integrity were important to 84% and 85% of businesses respectively. With 88% of respondents citing that strong cybersecurity measures would benefit their organisation. 

Amongst the findings it was identified that organisations report that their critical data is no more secure than it was last year, with 48% of all organisations stating that their critical data is secure, whist only 45% have secured all of their organisation’s data. 

Only 58% of organisations have a formal security policy, out of which, 48% stated that employees were fully aware of the policy, with just 28% who fully-understood the policies. 

The Report Conclusions
“The regulatory landscape, particularly regarding the privacy of personally identifiable information, has changed considerably in the last few years, but many businesses are not keeping pace with these changes.”

  • Only 30% of companies think GDPR affects them, with 83% of organisations feeling that compliance is important, however 13% are unaware as to what regulations their organisations are subject to. 
  • In regards to ransomware, 33% of organisations would consider paying a ransom to an attacker instead of investing in cybersecurity, as they believe it is cheaper. 

It was also identified that 36% would rather pay a ransom than get a fine for non-compliance, thus indicating a clear fear about the potential consequences of being non-compliant, but also “indicates a lack of confidence in the ability of some organizations to deal with important regulatory issues”. 

Azeem Aleem, VP Consulting, NTT Security said:

“The Risk: Value report is an interesting barometer based on responses from those sitting outside of the IT function – and is often very revealing. What’s clear is that the world around them is changing, and changing fast, with the introduction of new regulations, integration of new technologies and fast-paced digital transformation projects changing the way we work. 

“What’s concerning though is that organisations seem to have come to a standstill in their journey to cybersecurity best practice, and it’s particularly worrying to see UK businesses falling behind in some critical areas like incident response planning.

“Decision makers clearly see security as an enabler; something that can help the business and society in general. But while awareness of cyber risks is high, organisations still lack the ability, or perhaps the will, to manage them effectively. The execution of cybersecurity strategies must improve or business risk will escalate for the organisations concerned.”

PrivSec Report

You Might Also Read:

Florida Municipality Suffers Cyber Extortion:

SamSam: $6 million Ransomware:

 

« Malboard Exploit Mimics A User’s Keystrokes
Iran’s Cyber Threat to Germany »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Security Guru

IT Security Guru

IT Security Gurus publish daily breaking news. interviews with the key thinkers in IT security, videos and the top 10 stories as picked by our Editor.

QA Systems

QA Systems

QA Systems provides software testing solutions for safety and business critical sectors and software safety and security standards.

Networkers

Networkers

Networkers is a global recruitment consultancy helping unite job-seekers and hiring companies across the technology industry.

Dispersive Networks

Dispersive Networks

Dispersive Virtual Network is a carrier-grade software-defined programmable network that is inspired by battlefield-proven wireless radio techniques.

NXO France

NXO France

NXO is an independent leader in the integration and management of digital workflows with services covering digital infrastructures, communications & collaboration, and security.

Brainloop

Brainloop

Brainloop's security architecture enables you to work on and distribute strictly confidential documents both within and beyond the firewall.

Kleiner Perkins

Kleiner Perkins

For five decades, Kleiner Perkins has made history by partnering with some of the most ingenious and forward-thinking founders in technology and life sciences.

InterGuard

InterGuard

As the pioneer for Unified Insider Threat Prevention and productivity monitoring tools, InterGuard offers on premise and SaaS-based services that are easily available and affordable.

Neptune Cyber

Neptune Cyber

Neptune is a cyber security company that works exclusively in the marine sector. Our team combines experts in shipbuilding, maintenance and operations and cyber security testing and design.

Cyber Security Services

Cyber Security Services

Cyber Security Services is a cyber security consulting firm and security operations center (SOC).

Support Link Technologies (SLT)

Support Link Technologies (SLT)

Support Link Technologies are an IT Solutions Company committed to achieving customer satisfaction through excellent customer service.

Axians

Axians

Axians supports its customers in their digital transformation journey. We offer ICT solutions and services in areas including Enterprise Networks and Cybersecurity.

Netcraft

Netcraft

Netcraft is a global leader in cybercrime detection and disruption, combining cutting-edge technology with decades of experience to protect organizations of all sizes from digital threats and attacks.

DuckDuckGoose

DuckDuckGoose

DuckDuckGoose offer advanced solutions to protect against manipulated videos, images, voices and texts.

CyberForceHQ

CyberForceHQ

CyberForce helps cyber security professionals take real-world tests, get ranked and get paid better. It's that simple.

aiComply

aiComply

aiComply's AI-driven platform offers automated intelligence for an efficient cybersecurity compliance workflow, eliminating onerous manual and time-consuming paperwork.