Ransomware: Risk & relief cyber report

How endpoint security solutions mitigate ransomware threats.

In this report: The high cost of ransomware | About the survey | Key findings | Fit for tomorrow | Cybersecurity solutions

In the United States, publicly disclosed ransomware attacks1 are remarkably diverse, and no one is immune, from manufacturers to retailers, healthcare, financial services, real estate, law firms, and all other industries. And unfortunately, businesses and organizations that are targeted may see critical operations grind to a halt.

While some ransomware victims regain access to their data, it comes at a significant cost.  Both direct and indirect losses can happen after these attacks, including the potential erosion of customer and investor confidence. 

In this article, you'll learn more about the high cost of ransomware and hear from the IT leaders and cybersecurity decision-makers who responded to Mazars' survey. You'll also learn more about protecting your enterprise against ransomware, including the deployment of Mazars' high-level cybersecurity solutions. 

  • 68%

    increase in ransomware attacks
  • $80

    million ransom demands 

The high cost of ransomware 

Ransomware is big business. In its 2024 ThreatDown State of Malware report2, Malwarebytes reports that nearly half of the world's ransomware attacks targeted United States businesses in 2023. 

The report also shows a 68% increase in ransomware attacks, matched by ransom demands skyrocketing to amounts as high as $80 million.  

As such, it's essential for every enterprise, regardless of size, to have strong cybersecurity and deploy the latest, most effective solutions in the war on ransomware. 

Jump to: Key findings | Fit for tomorrow | Cybersecurity solutions

About the Mazars ransomware survey 

Mazars believes that today's business environment is one of persistent transformation, including breakthrough technologies and environmental, social, and political change. At the same time, stakeholders are demanding increased transparency. 

As part of our Fit for tomorrow initiative, we commissioned research consulting firm Censuswide3 to survey 1,000 IT and cybersecurity leaders. The respondents work at US-based organizations with annual revenues of $200 million to $5 billion across manufacturing, retail, healthcare, financial services, real estate, and other sectors.

Censuswide conducted the online survey from September 7-12, 2023. 

  • 48%

    of respondents said their organization had already endured a cyberattack. 
  • 52%

    of participants are concerned with a future data breach or ransom attack. 
  • 49%

    are looking for additional or improved security options. 

Key findings of the survey 

Are organizations doing enough to reduce their ransomware risk? Our survey explored multiple facets of this critical question.

The survey also revealed the extent of the threat. A total of 48% of respondents said their organization had already endured a cyberattack. This typically led to an immediate adjustment in corporate security strategies.

Nonetheless, apprehension remains. More than half (52%) of the study participants are concerned about a future data breach or ransomware attack. And 49% are looking for additional or improved security solutions. 

Notably, respondents have a degree of optimism in the face of the ransomware threat, with 66% indicating a level of comfort with their organization's capacity to resist attacks. However, 13% remain somewhat uncomfortable with their company's ransomware response.

While many responded that they felt prepared for a ransomware attack, a Fortinet report4 finds that 78% of organizations felt prepared, and half still fell victim.

Paul Truitt

Despite companies claiming preparedness against ransomware attacks, many still fall victim due to a gap between perceived and actual readiness, often stemming from insufficient investment in robust cybersecurity measures.

Paul Truitt Principal, Cybersecurity Practice Leader

Implementation of safeguards 

Many companies are taking steps to mitigate the threat of ransomware attacks. They embrace safeguards like: 

  • Network segmentation
  • Intrusion detection and prevention
  • Endpoint detection and response
  • Disaster recovery and data backup strategy
  • Incident response planning and tabletop testing

However, the implementation of proven safeguards is still spotty.

Consider network segmentation, a crucial strategy restricting attacks to a single department or unit. Only 33% of those surveyed say network segmentation is deployed at their enterprise, with higher revenue businesses more commonly embracing the strategy – 41% percent of those with $4-$5 billion in revenue. 

The problem of inconsistent implementation extends to other mitigation strategies. Only 29% of those polled have implemented intrusion detection and prevention systems. This includes ransomware assessments that reveal vulnerable attack surfaces.

Security gaps appear in many places, including on-premises networks, endpoint setups, cloud application configurations, and authentication and encryption systems. 

Only 27% of respondents have deployed endpoint security solutions to detect, prevent, and respond to attacks.

This is particularly important because strong endpoint detection and response software is critical to identifying and stopping access through the network's most common initial entry point.

Barriers to implementation 

IT leaders cite a number of barriers that inhibit the response to ransomware threats, with 41% noting the problem of siloing, up to 52% at companies with $4-$5 billion in annual revenue.

Additionally, 34% of respondents admit that inadequate endpoint security remains a concern, and another 33% feel that remaining legacy systems further increase vulnerability.

About 32% of respondents cite problems with leadership's resistance to change and/or a lack of executive and managerial support for cybersecurity initiatives. 

Testing cyber defenses

Testing cybersecurity defenses is another way to mitigate the ransomware threat. Unfortunately, some companies do not perform penetration testing regularly. In fact, only 59% of respondents have ever conducted penetration tests to assess cyber defenses. 

While 54% have completed a ransomware tabletop exercise, 8% have no such plans.

Finances are part of the problem, with 33% of respondents saying they struggle to find the dollars and talent to prepare for such exercises.

Surveyed IT leaders rely on third parties to shore up their cybersecurity defenses, with 72% saying it is likely and 23% saying it is very likely they'll seek outside help. 

Endpoint security solutions

Endpoint security protects servers, mobile devices, and workstations from malicious cyberattacks. It delivers protection both in networks and the cloud, acting as a vital alternative to traditional antivirus software.

For many enterprises, advanced EDR is a game changer, fortifying defenses in the face of the shortcomings of antivirus software and addressing the explosion of data in the Internet of Things (IoT) age. 

39% of those surveyed believe EDR's key benefit is extending protection to a broader range of devices. This includes those interacting with the IoT. And 36% see endpoint security improving defenses against common breaches, including malware.

In addition to ransomware, EDR targets phishing, file-less attacks, and more. 

A third of respondents see centralized network visibility as another benefit. This increases to 41% among companies with $4-$5 billion in revenue.

Security awareness training enhances endpoint solutions. 

A well-trained workforce significantly reduces the risk of a cyberattack. Still, only 25% of those surveyed said employees at their organizations have been trained to address the ransomware threat. In fact, 31% said that a lack of training is one reason ransomware defenses aren't what they could be. 

Not surprisingly, a similar number of respondents want to see more significant development of training resources. With 28% endorsing real-life examples to convey the significance of cyber threats

Another 26% endorse gamification to enhance training, and 22% look for simulations and interactive workshops to empower the workforce further. 

Many respondents want to cultivate a culture of active learning within the workforce. To that end, 29% of survey participants seek rewards for those contributing to cybersecurity success. Another 22% of respondents want leaders to promote a robust security culture.  

Privacy in play

The survey also revealed shortcomings in protecting privacy. Still, 62% confirmed the presence of a privacy officer overseeing such matters, with only 9% stating they’re unsure if their company employs such an individual.

There is also some uncertainty about corporate privacy statements, with 53% stating they aren't sure if there is a privacy statement on their company's website. 

Despite this, most organizations are confident they are ready for related regulatory changes. Almost 80% of respondents believe their organizations are poised to address updates to the regulatory landscape. 

Coping with the pace of AI innovation

Generative AI was the most disruptive technology of 2023. A Gartner report5 estimates that, by 2026, four out of five enterprises will have incorporated AI into their operations.

The proliferation of AI platforms poses a new threat to the security of proprietary information. While many see the challenge posed by company data seized for use by AI, relatively few are taking specific actions to mitigate that threat. 

For example, only 27% of companies use privacy impact assessments before exposing the material to AI. Similarly, just 26% engage in periodic audits of security vulnerabilities. 25% examine vendor due diligence, with an additional 25% ensuring strict compliance with US and EU data regulations. Only 24% are putting forth effort on data encryption and anonymization. 

Fortunately, most enterprises at least consider threats posed by AI to some extent. According to the survey, 55% evaluate their private AI deployments in advance, and another 32% reported that evaluative methods are under development. Such deployments reduce the risks inherent in letting sensitive data get to public AI platforms. 

Finally, 78% of respondents say they intend to go outside their organizations to obtain needed AI insight and expertise. 

Many of the decision-makers surveyed acknowledge the cybersecurity threat AI poses, including the impact on proprietary information. As many as 33% of respondents also see it as a potential force for good, including the possibility of enhancing endpoint security solutions. 

Jump to: The high cost of ransomware | About the survey | Cybersecurity solutions

Fit for tomorrow: Cybersecurity 

The gulf between proactive and reactive cybersecurity runs wide and deep. Enterprises have a choice —either to invest to prevent (or very quickly identify and respond to) a ransomware attack or risk the substantial costs of enduring one. Such incursions create impacts long after they occur. News of ransomware attacks threatens to instill doubt among clients, shake investor confidence, and tarnish one's brand. 

Today's cybersecurity decision-makers must keep a watchful eye trained on established and emerging threats. Siloing remains an obstacle, as are high-level executives who do not cultivate an enlightened cybersecurity culture. 

The emergence of AI opens new fronts in the war on ransomware. Cybercriminals may exploit AI to find new points of entry into computer systems. This accelerates the speed at which progressive IT leaders must embrace the latest defenses. 

The explosion of big data is another concern. Deploying advanced systems and modern technologies creates more data, which must be protected. One projection estimates there will be 17 billion6 IoT devices worldwide by 2024, soaring to 27 billion before the decade's end. 

The days of installing antivirus software on all devices are long gone. The proliferation of devices in the office, field, and work-from-home environments demands a sophisticated response. And, the IoT multiplies the volume of data subject to exploitation many times over.

In this complex digital environment, endpoint security solutions help to lock down every type of technology.  

Cybersecurity pros must mitigate current risks while anticipating the threats of tomorrow. Proactive cybersecurity initiatives are essential. Organizations must identify potential risks and exposure points before it is too late, with continuous monitoring and penetration testing being critical. 

The ransomware threat remains despite the arrival of more sophisticated endpoint security solutions. Successful mitigation calls for a measured, focused response employing advanced cybersecurity expertise.  

Jump to: The high cost of ransomware | About the survey | Key findings 

Cybersecurity solutions from Mazars 

Look to Mazars for effective solutions to modern cybersecurity threats, including ransomware. Mazars' Cybersecurity Managed Services provide essential mitigation strategies, including penetration testing, managed detection and response (MDR), and vulnerability management. Complete Mazars' Cyber Maturity Evaluation today and get recommendations tailored to your enterprise's unique needs.         


  1. https://www.techtarget.com/searchsecurity/feature/Publicly-disclosed-US-ransomware-attacks-in-2023  
  2. https://www.prnewswire.com/news-releases/ransomware-attacks-increased-by-68-in-2023-according-to-malwarebytes-new-2024-threatdown-state-of-malware-report-302054116.html 
  3.  https://censuswide.com/  
  4. https://technologymagazine.com/articles/half-of-organisations-fell-victim-to-ransomware-attacks
  5. https://www.zdnet.com/article/80-of-enterprises-will-have-incorporated-ai-by-2026-according-to-a-gartner-report/
  6. https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/                                 

The information provided here is for general guidance only, and does not constitute the provision of tax advice, accounting services, investment advice, legal advice, or professional consulting of any kind. The information provided herein should not be used as a substitute for consultation with professional tax, accounting, legal or other competent advisers.

Learn more