Managed Security Services

OpenText’s 2023 Survey Uncovers Optimism Bias in Business Ransomware Threat Perceptions

Cyber Security, Phishing, E-Mail, Network Security, Computer Hacker, Cloud Computing

There is a significant optimism bias among businesses, with many underestimating their vulnerability to ransomware attacks, according to a new survey.

OpenText's 2023 Cybersecurity Global Ransomware Survey has revealed that, despite nearly half of small-to-medium sized businesses (SMBs) and enterprises experiencing such attacks, a substantial portion still believes they are unlikely targets.

Understanding the Perception Gap in Ransomware Vulnerability

The survey highlighted a startling perception gap among businesses concerning ransomware threats. 

Alarmingly, 65% of SMBs and 54% of larger enterprises do not consider themselves at risk or are unsure about their susceptibility, despite 46% having already faced ransomware attacks.

The Rising Concern of AI in Cybersecurity Threats

One of the survey’s key findings is the escalating concern over the role of artificial intelligence (AI) in cybersecurity threats. 

A significant 54% of businesses, encompassing both SMBs and enterprises, expressed heightened anxiety about the potential for increased ransomware attacks due to the advancement of AI technologies in cybercrime.

Proactive Cybersecurity Initiatives Amidst Complacency

Notwithstanding the prevalent optimism bias, businesses are not entirely complacent. The data shows that 57% of SMBs and 53% of enterprises plan to augment their security budgets in 2024. Additionally, efforts to strengthen cybersecurity teams are underway, with 44% of SMBs and 43% of enterprises intending to expand their cybersecurity workforce.

Insights from OpenText Cybersecurity Leadership

Prentiss Donohue, Executive Vice President, OpenText Cybersecurity, emphasized the dangers of complacency: 

"The conviction ‘it won’t happen to me’ is a risky mindset. Cyberattacks have become increasingly common and can have serious consequences; no business is immune to an attack. While many businesses take the right defensive steps like using access controls, deploying backup and monitoring for threats, a layered security approach that includes education remains the best defense against ransomware. Ongoing education of the risks as well as the techniques used to perpetuate an attack is essential to avoid falling victim."