Ransomware recovery time is longer and more expensive than most think

Here are some pretty ugly numbers and a look in to why I am so obsessed with helping people avoid infection. The sad part is, you can protect yourself pretty well with basic “security 101” stuff like  segmenting the network, “least privilege” access, weapons-grade backups and quality awareness training/simulated phishing. You don’t need to burn money to protect yourself.

  • 85 percent of those infected had systems forced offline for at least a week
  • 1/3rd of cases resulted in data being inaccessible for a month or more
  • 15 percent found that their data was completely unrecoverable
  • 63 percent of orgs have no official ransomware policy in place
  • About 50 percent of victims paid more than £3000 ($3700) in ransom
  • SMBs usually paid  between £500 ($621) and £1500 ($1864)

Those are pretty ugly numbers folks. My company has a free Ransomware Hostage Rescue Manual that can help prepare for this, as well as a free ransomware simulator you can use to check your endpoint protection settings and capabilities. Please, for the love of all that is good in the world, do something to prepare for ransomware attacks. No matter the size of your company, you need to be ready. Not to sound like a sales pitch, but the KnowBe4 platform starts at only about a buck per month/per user and gives you unlimited training and phishing with a really easy to use platform, so things that can make a big difference (and it really does!) aren’t even that expensive.


Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in InfoSec

Leave a Reply