RiskRecon: Orgs With Poor Cybersecurity Hygiene Have 40x Higher Rates of Destructive Ransomware

RiskRecon, a Mastercard company, recently announced new research “Analyzing the Cybersecurity Hygiene of Ransomware Victims," which analyzed the cybersecurity hygiene on the day of ransomware detonation for 622 organizations spanning 633 ransomware events occurring between 2017 and 2021.


We spoke with RiskRecon CEO Kelly White about the research and what organizations can glean from the findings.

What is most notable about this research?

Organizations that have poor cybersecurity hygiene in their internet-facing systems have 40x higher rates of destructive ransomware events than those that maintain good cybersecurity hygiene. What was surprising, if anything?

The cybersecurity hygiene characteristics of the average ransomware victim stand in stark contrast with the overall population of similar companies. For example, ransomware victims have an 11x higher rate of critical software vulnerabilities and a 3.3 times higher rate of unsafe network services in their internet-facing systems. These are two of the most common conditions criminals exploit to initiate their ransomware attacks. What can organizations action based on these findings?

First, look in the mirror at your own cybersecurity hygiene. Is your environment one rife with vulnerabilities that criminals commonly exploit? If so, then clean it up and keep it clean. In doing so, you will constrict the common vectors through which criminals initiate ransomware attacks. Second, do business with companies that maintain good cybersecurity hygiene. Suppliers who maintain good hygiene have a dramatically lower frequency of bad risk outcomes such as ransomware and data loss events. Cybersecurity ratings make it sort the good from the bad.


###