Datto recently surveyed over 1,400 of our managed service provider (MSP) partners across the globe to gain insight into their perspective on the current landscape of ransomware and cybersecurity. This report provides a wealth of detail on ransomware, including year over year trends, frequency, targets, impact, and recommendations for recovery and continuity in the face of the growing threat.

The report found that 85 percent of MSPs surveyed report ransomware as the most common malware threat to small-to-medium-sized businesses (SMBs). Here are a few of the biggest findings and tips to prepare against these threats:

  • Prepare Your Front Line of Defense: Our survey respondents revealed that phishing, a lack of cybersecurity training, and weak passwords are the top three causes of successful ransomware attacks. Too often, employees aren’t familiar with the signs of ransomware and therefore make their companies vulnerable to attacks. To mitigate the risk, it’s imperative to provide regular and mandatory cybersecurity training to ensure all employees can spot and avoid a potential phishing scam in their inbox, a leading entry point for ransomware.
  • Establish a Business Continuity Strategy: There’s no sure way of preventing ransomware, although antivirus, perimeter protection, and patch management are essential. Datto’s survey revealed that Business Continuity and Disaster Recovery (BCDR) is ranked as the number one solution for combating ransomware, with 92 percent of respondents stating that clients with BCDR products in place are less likely to experience significant downtime after a ransomware attack. A solid, fast, and reliable BCDR solution should be one part of the strategy to maintain operations despite a ransomware attack. Since ransomware can easily spread across networks and SaaS applications, endpoint and SaaS backup solutions designed for fast restores are also critical.
  • Implement Multiple Solutions to Prepare for the Worst Case Scenario: Today’s standard security solutions are no match for ransomware, as it can penetrate organizations in multiple ways. Reducing the risk of infections requires a multilayered approach, rather than a single product. These layered approaches can include BCDR, employee training, patch management, unified threat management, antivirus/anti-malware software, and more.
  • Have a Dedicated Cybersecurity Professional to Ensure Business Continuity: SMBs often rely on a “computer savvy” staff member to handle their IT support and not an IT expert. Our survey reveals that downtime costs are up by 200 percent year over year, and the cost of downtime is 23x greater than the average ransom, so it is well worth the investment to hire an individual who is focused on keeping your business and your clients safe. If a company cannot afford a complete IT staff for 24/7 cybersecurity monitoring, they should be leveraging a managed service provider (MSP) that has the time and resources to anticipate and protect a company from the latest cybersecurity threats.

To learn more about the current state of ransomware in the global channel, check out Datto’s State of the Channel Ransomware Report. In this report, you’ll find new data on ransomware attack frequency across SMBs and MSPs, ransomware defense measures MSPs are implementing, popular ransomware recovery methods, and more.


This post originally posted on the Datto blog from Chris Rudnick, senior director of demand generation at Datto Inc.