Major Survey of IT Pros Reveals Why Everything Gets Hacked All the Damn Time

A screenshot of the warning screen from a purported ransomware attack, as captured by a computer user in Taiwan.
Photo: AP

A new survey of IT professionals this week offers some deep insight into the premier challenges facing industries worldwide, from across the threat landscape.

More than 1,000 security employees in as many as 17 countries participated in the survey. Most said the biggest hurdle to mounting an adequate defense against cyber threats today is the lack of skilled personnel. (Poor security awareness and an inability to sift through enormous piles of data tied for second place.)


The survey, which included 1,200 respondents working in 19 industries, was compiled by CyberEdge Group, a research and marketing firm serving high-tech vendors and service providers.

More interesting is the feedback collected from respondents who said their organizations were infected with ransomware in the last year. (Ransomware tied with phishing attacks for the second most crucial security concern; the first, as per usual, is malware.)

Slightly more than half of the respondents’ organizations that actually paid a ransom to recover stolen or encrypted data—either in Bitcoin or some other anonymous currency—were unable to recover their data. In total, the report says, a little under 39 percent of the organizations resolved to pay.

“Flip a coin once to determine whether your organization will be affected by ransomware,” CyberEdge suggests. “If it will be, flip it again to determine whether paying the ransom will actually get your data back.”


Notably, the respondents said that of organizations that opted not to pay the ransom, only 13 percent were unable to recover their data. That 53 percent of ransomware victims managed to recover their data without paying is likely attributable to the use of offline backups.


Spain tops the list of countries most affected by ransomware, followed closely by China and then Mexico. Only 53 percent of US-based respondents said their organizations had been affected.

In decreasing order of frequency, the industries most affected by ransomware in 2017 were, according to the report: education, telecom & technology, manufacturing, retail, finance, government, and healthcare. Mid-sized organizations (5,000-9,999 employees) were affected the most, while those with between 500 and 999 employees were affected the least.


Ninety-one percent of the respondents aired one or more concerns about their companies’ data being migrated to the cloud. Maintaining regulatory compliance was last on their minds, while data privacy and confidentiality was of utmost concern. Controlling access to cloud data also ranked high on the list.

When it comes to vulnerability patching, roughly a third of the respondents said the biggest hindrance was finding time to take production systems offline. Nearly an equal number complained about a lack of qualified personnel. Remarkably, more than 20 percent acknowledged that patching takes a backseat to other security initiatives.


Respondents in the United States said their organizations allocate roughly 13 percent of their overall IT budgets to security, slightly less than those in Mexico, Brazil, Saudi Arabia, and South Africa. Organizations in Germany, Singapore, and Japan apparently designate the smallest percentage. (The global mean is 12.1 percent.)


Generally speaking, the more employees, the greater the percentage of the budget earmarked for security. In no country did more than 5.6 percent of IT employees expect to see an increase in the security budget.

Only 68.3 percent of respondents said their organizations had network-based antivirus software deployed, and of those who don’t, 9 percent said there were no plans to deploy it in the future. More than 33 percent of the organizations apparently aren’t using a web application firewall and nearly 40 percent aren’t running any kind of intrusion detection system.


When it comes to endpoint security, which guards desktops, laptops, and servers against threats, around 32 percent of respondents said their organizations aren’t running basic anti-malware software, and nearly 43 percent said they have no data loss or leak prevention protocols in place.

Deception technology (“honeypots”), which is one of the most useful tools for detecting hackers post-breach, is only used by roughly 47 percent of the respondents’ companies—more than 20 percent said they have no plans to use it.


“Mitigating today’s cyber threat risks takes more than investing in the right technologies,” CyberEdge notes. “You must ensure those technologies are both deployed optimally, configured correctly, and monitored adequately to give your organization a fighting chance of not making tomorrow’s front page news.”

Good luck!



About the author

Dell Cameron
