Datto’s Global State of the Channel Ransomware Report
The following is a summary of Datto's Global State of the Channel Ransomware Report. Each year, Datto surveys managed service providers (MSPs) around the globe for their insights on the cybersecurity landscape.
For their fifth annual report, Datto collected responses from more than 1,000 global managed service providers (MSPs) and found that ransomware still remains the most common malware threat to SMBs and while ransoms are pricey (~$5K), the real cost is in downtime and loss of productivity due to the time-consuming recovery that often follows an attack.
COVID-19 has had an impact on security. 59% of MSPs said remote work due to COVID-19 resulted in increased ransomware attacks. MSPs report that healthcare was the most vulnerable industry during the pandemic (59%), followed by finance/insurance (50%), and government (45%).
SMBs remain top targets for ransomware attacks. Ransomware is still the #1 malware threat SMBs face—nearly 70% of MSPs report SMBs have been hit with ransomware.
Downtime costs are on the rise. MSPs reported that the average downtime cost per incident has increased by 94% from 2019. Downtime costs are nearly 50X greater than the ransom requested in 2020. This all speaks to how critical it is to have backup and recovery measures in place to mitigate the risk of downtime.
Downtime has major implications on productivity. The aftermath of an attack creates massive disruption. MSPs said 62% of clients’ productivity was impacted due to attacks, and 39% said their clients experienced business-threatening downtime.
91% of MSPs said clients with business continuity disaster recovery (BCDR) products in place are less likely to experience significant downtime from ransomware. BCDR was ranked most effective to combat ransomware followed by employee training, endpoint detection and response platform, and patch management.
SMBs recognize the importance of security measures. 50% said their clients' increased budget for IT security in 2020. Increased IT security spending shows that SMBs are beginning to take ransomware, and security in general, more seriously.
SMBs are not the only businesses being targeted. 95% of MSPs state that their own businesses are increasingly being targeted with attacks. Almost half (46%) of MSPs partner with managed security service providers (MSSPs) for assistance with IT security—for their clients and their own businesses.
The COVID-19 pandemic has accelerated the need for stronger security measures as remote working and cloud applications increase in prevalence. Reducing the risk of cyberattacks requires a strategic, multi-layered approach because no one product can combat the complexity and sophistication of attacks today.
While phishing attacks remain one of the biggest points of entry (54% of MSPs report), poor user practices (27%), and a lack of cybersecurity education (26%) are also reasons SMBs continue to be vulnerable to attacks. Putting in place critical security measures, increasing cybersecurity education and awareness, and multi-layered continuity strategies will be necessary for both MSPs and SMBs to protect themselves against ongoing cyber threats.
