9 of 10 companies made ransomware payments in 2023: ExtraHop

The average cost of ransomware payments was $4.49m (US$3.3m) per company last year.

A staggering 95.7% of companies in Singapore paid ransom following cyberattacks last year, whilst 60% still succumb to old and vulnerable systems.

ExtraHop's third edition of the “Global Cyber Confidence Index” said that the average cost of ransomware payments in 2023 was $4.49m (US$3.3m) per company before adding in the unrealised costs associated with remediation.

ExtraHop also reported that of the 100 respondents in Singapore, 98% of IT and cybersecurity decision-makers said they are confident in their organisation’s ability to manage cyber risk. Still, most of them said they are frequently victims of ongoing threats and are falling behind when it comes to identifying and remediating threats.

MORE LIKE THIS: Singapore SMEs’ cyber risk awareness declines: report

Around 20% of organisations said ransomware was the biggest risk for them, the report said. 

ExtraHop said organisations experienced at least eight ransomware incidents in the last 12 months, almost at par with the global average of 7.75. Downtime due to the attack averaged 42 hours, it added. 

“Singapore organisations are overwhelmed by a multitude of barriers holding them back from effectively managing cyber risk, citing insufficient budgets (22%), immature risk management processes (18%), outdated technology (16%), insufficient personnel resources (15%), the inability to catch up in a fast-paced industry (13%), and a lack of alignment between the cybersecurity organisation and the business (13%),” ExtraHop said.

To address these challenges, 49% said using artificial intelligence and machine learning to help manage and mitigate cyber risk is a top priority for them this year. Some 47% said implementing zero trust is another area to focus on in 2024.

US$1=S$1.36