Companies would pay ransom to hackers to avoid attack: Survey

Nearly a quarter of companies (24.6%) say they would be willing to pay hackers a ransom to prevent a cyberattack, a new survey finds. To stop cybercriminals from releasing sensitive information, 14% of companies would pay a ransom in excess of $1 million, according to a survey of 209 information technology security professionals worldwide by the Cloud Security Alliance.  The survey, The Cloud Balancing Act for IT: Between Promise and Peril, found that one factor influencing willingness to pay is whether or not the company has cyber insurance, which would cover the cost, the report said. About 28.6% of companies with cyber insurance say they would pay ransom, compared with 22.6% for companies without such insurance policies.

The survey also found:
•The top barrier to stopping data loss in the cloud is a lack of skilled security professionals. Is security analyst the next hot job opportunity?
•Customer relationship management (CRM) is the most widely used cloud-based system of record today, but companies have plans to move other systems to the cloud
•Cloud confidence rising: 64.9% of IT leaders think the cloud is as secure or more secure than on-premises software
•CISOs play an important role in security – having one makes a company more likely to take steps to prepare for a cyber attack

“Employees and the line of business are key elements in driving corporate cloud adoption. IT professionals we surveyed receive, on average, 10.6 requests each month for new cloud services. Even considering there is likely overlap in these requests, that’s a tremendous number of cloud services that must be vetted,” the survey said. “Perhaps that’s why 71.2% of companies now have a formal process for users to request new cloud services. However, these programs are still evolving. Of companies with a formal process, 65.5% indicated that they only partially follow it.”
As quickly as companies are responding to requests to enable cloud services, they may not be responding quickly enough or sufficiently to meet the demand, the survey said. An overwhelming majority of IT professionals surveyed, 71.3%, said their companies have plans to offer more support for cloud to the lines of business.

Much of the attention on cloud adoption has been focused on innovative social media, file sharing, content sharing, and communication applications. However, most businesses also rely on back end systems that at their core maintain records on employees, customers, and materials as they move through the supply chain. Companies are beginning to move these applications to the cloud as well.
In terms of barriers to cloud adoption, the primary obstacle noted by 67.8% of companies was the ability to enforce their corporate security policies. Next, 61.2% of companies said that concern about complying with regulatory requirements was a barrier. Budget-related constraints do not appear to be a major hesitation when it comes to replacing a legacy on-premises system of record with a cloud based equivalent.