"Financial Services Firms Spend Over $2m on Ransomware Recovery"

According to new data from Sophos, global financial services firms spent more than $2m on average recovering from a ransomware attack last year. The UK security vendor polled 550 IT decision-makers in mid-sized financial sector firms around the globe to compile its State of Ransomware in Financial Services 2021 report. The researchers found that a third (34%) of firms in the financial services were hit by ransomware in 2020, with half (51%) admitting their attackers managed to encrypt data. Although most (62%) were able to restore scrambled data from backups, the recovery costs ascribed to victim organizations from the sector were much higher than the average across all other sectors ($1.85m). The figure is also surprising considering that only a quarter (25%) of financial services victims paid the ransom demand, the second-lowest payment rate of all industries surveyed and below the global average of 32%. The researchers claimed the high cost of recovery is partly down to the highly regulated nature of the sector, with firms forced to adhere to multiple compliance mandates, including PCI DSS, SOX, and GDPR.

Infosecurity reports: "Financial Services Firms Spend Over $2m on Ransomware Recovery"