The landscape of cyberattacks related to cyberattacks on companies ended 2021 with some signs of improvement. At least when it comes to the amounts paid by companies to attackers after being hacked. ransomware. Thus, according to VentureBeat, after the rise we saw in the third quarter of 2021, in which the average payment was higher than usual, in the last three months of the year, the payments made for these attacks they roamed on average $167,000an amount that is 44.3% lower than that of the third quarter.
In general, in addition, fewer ransoms are also paid for these attacks than are requested. Regarding the reduction in costs and seriousness, something also noticed between October and December, it may be due to the fact that the insurance companies required more solid backup copies so that the insurance covered the companies that contract it, which helps to expand the There is an increasing trend towards more sophisticated approaches in companies when it comes to mitigating the risks associated with ransomware.
Regarding the specific concerns and perspectives of SMEs, there are signs that they are still developing their investments in cybersecurity. Small and medium-sized businesses are primarily concerned with external threats, and particularly with attack vectors, including both phishing and ransomware. But only 8% of smaller companies, which are those with fewer than 50 employees, have a cybersecurity budget dedicated to protecting against attacks and vulnerabilities.
Meanwhile, in companies with more than 250 employees, 18% have a specific budget for online security. However, it is also observed that the cybersecurity spendingin general, is going up. 60% of companies expect their investment to risewhich is supported by both its CEOs and senior managers.
In general, companies complain of a lack of resources. So do the general complexity of security. These are the main factors that prevent your online security defenses from improving. Small businesses are more concerned with keeping up with new threats. As for the larger ones, they have more concerns about vendor security breaches, highlighting the fact that many companies can fail to care and act on a culture of internal security.