While ransomware is not a new phenomenon, 2020 brought a significant acceleration of attacks capitalizing on the pandemic-forced shift to remote work, the proliferation of Initial Access Brokers and the ready availability of ransomware as a service. With all of the headlines and hype, we wanted to understand the true perspectives of those who shoulder the burden of responsibility for managing the impacts of ransomware on a business: Chief Information Security Officers (CISOs).
In August 2021, we conducted a study of these seniorlevel executives to assess their ransomware experiences, concerns, and priorities for protecting their organizations going forward. This report, reflecting input from over 250 CISOs, presents what we learned.