Cohesity Research Reveals U.S. Consumers’ Distrust of Corporate Ransom Payouts

SAN JOSE, Calif.--(BUSINESS WIRE)--New research from Cohesity, a leader in next-gen data management, reveals how Americans feel about corporations giving in to the demands of ransomware attackers – and the bottom line is that Americans don’t feel good about it.

This research is based on an August 2021 survey commissioned by Cohesity and conducted by Propeller Insights of more than 1,000 adult U.S. consumers between the ages of 18 through 75 and older, all of whom have heard of ransomware.

• 40% of Americans surveyed said that they think companies hit by ransomware attacks should not pay the ransom.
• More than half of those surveyed, 55%, said that companies that do pay ransoms encourage ransomware and bad actors.
• 43% of respondents think that ransom payments will raise the price of goods and services.
• 23% of those surveyed said that they would stop doing business with a company that paid the ransom, and 48% said while they can’t say yes or no, they would give it a lot of thought as it concerns them greatly.

“Ransomware attacks are so prevalent that they are now part of our collective consciousness,” said Brian Spanswick, chief information and security officer, Cohesity. “And our research indicates that when businesses pay the ransom, they run the risk of losing consumer confidence and prompting people to take their business elsewhere.”

Consumer Awareness on Ransomware is High

More than three-fourths of US consumers (81%) said that they were familiar with the recent ransomware attacks on Colonial Pipeline, JBS Holdings, Kaseya, SolarWinds, and U.S. hospitals.

21% said they believe or are aware that their company has been impacted by ransomware attacks, while 22% said that a company they do business with was hit by a ransomware attack.

Consumers surveyed believe the top five industries most vulnerable to ransomware attacks include, respectively, government, financial services and insurance, oil and energy, healthcare and pharmaceutical, and technology.

What Would Cause Consumers to Lose Confidence

When asked what would cause consumers to lose confidence in a company that was hit by ransomware:

• 55% of US consumers surveyed stated they would lose confidence in a company that didn’t have proper security and data management protocols in place to protect their data.
• 54% of respondents would lose confidence if their personal data was impacted.
• 47% of respondents would lose confidence if the company wasn’t forthcoming about the attack.
• 29% would lose confidence if the attack resulted in an inconvenience for that respondent.
• 22% of respondents stated they would lose confidence if the company paid the ransom.

Many Consumers Believe Companies Can Do More to Protect Data

When asked if consumers believe organizations are doing enough to protect their data, 42% answered either “it’s unlikely” or “no.”

Consumers are quick to point out what organizations can do to improve data protection.

• 61% of respondents believe companies must regularly test their systems for threats.
• 59% believe companies should install security software.
• 54% stated that companies should embrace next-gen data management strategies that enable them to back up, protect, detect, and respond to potential threats.
• 47% of Americans surveyed believe companies should enable multi-factor authentication.
• 39% believe companies should require stronger passwords.

“No organization is immune from ransomware attacks,” said Spanswick. “But enterprises that implement modern security and next-gen data management strategies and can quickly recover if they are attacked – without having to pay the ransom – are the ones that will win favor with consumers over those that can’t.”

About Cohesity

Cohesity radically simplifies data management. We make it easy to protect, manage, and derive value from data – across the data center, edge, and cloud. We offer a full suite of services consolidated on one multicloud data platform: backup and recovery, disaster recovery, file and object services, dev/test, and data compliance, security, and analytics – reducing complexity and eliminating mass data fragmentation. Cohesity can be delivered as a service, self-managed, or provided by a Cohesity-powered partner.

© 2021 Cohesity, Inc. All rights reserved. Cohesity, the Cohesity logo, Helios, and other Cohesity marks are trademarks or registered trademarks of Cohesity, Inc. in the US and/or internationally. Other company and product names may be trademarks of the respective companies with which they are associated.