Security News > 2022 > April > Broader investment in cybersecurity beginning to pay dividends
While ransomware was involved in 37 percent of 1,270 incidents the firm handled during 2021, up 10 percent on 2020, today's Data Security Incident Response Report [PDF] suggests that growing uptake of mitigation techniques like multifactor authentication and backups are driving the price of ransoms down.
"More organizations have invested in improving their data backup capabilities and are able to continue at least partial operations after a ransomware incident, which puts them in a better position to negotiate for a longer period of time and reach a greater discount for the ransom demand, if the need to pay arises," the firm claims.
The broader embrace of cybersecurity tools and measures means companies have also become more capable of identifying breaches.
"Additionally, the notification timeline is trending down due in part because threat actors are more quickly providing information about the data they stole. This then informs the forensic investigation, which can focus on the systems from which the data came, giving a better and earlier understanding about the data involved, thus enabling earlier notification timelines."
Official advice in the Anglosphere is not to cave to ransomware demands because it only serves to affirm the attack method as a viable business model for criminals.
You can read The Reg's special feature on what to do when you're hit by ransomware - including advice on your interaction with insurers and cyberexperts you might hire afterwards - here; our special on corporate ransomware-as-aservice gangs here; and our conversation with an ex-cop who works as a ransomware negotiator here.