Sophos Ransomware Report 2021 Summary, Cybersecurity Failures | The Cyber Review

May 3, 2021
Written by Ana R.

Ransomware: don’t expect a full recovery, however much you pay

From demanding ransom in the 80s via international banking to collecting it in bitcoin today, it has become steadily easier for cyber criminals to demand and receive payment, with no guarantee that the victim's systems will be fully recovered or that stolen data will be deleted. So don't expect a full recovery, however much you pay.

Many ransomware groups target large companies and sometimes demand millions, and some groups run their own leak portals where they publish confidential data stolen from victims who don't pay.

The Sophos ransomware report found that 37 per cent of organizations (5,400 were surveyed in total) were hit by ransomware last year. This is much lower than the 51 per cent that were hit the year before.

Of the companies that paid, whether by choice or because they felt they had no alternative, about one-third got back less than half of their data, and about half lost more than a third of their data.

A further 4 per cent of victims paid up yet got nothing at all for their money.

Only 8 per cent of those who paid had everything recovered.

In summary: 92 per cent of paying victims lost at least some data, and more than 50 per cent of them lost at least a third of their files, despite having paid and expected their data to be restored.

What to keep in mind:

  1. Assume you will be attacked. It's better to be prepared for an attack regardless of your company's size or industry.
  2. Make backups. As the survey results show, even if you pay the ransom there is only a small chance you will get all your data back. There is also no promise that the criminals will actually delete the data they stole.
  3. Use layered protection. Use several different controls to block attackers, so that no single failure lets them through.
  4. Combine human expertise with technology. Automated protection catches the bulk of attacks, while human analysts are best placed to spot the hands-on techniques an attacker uses once inside.
  5. Don't pay the ransom. If you do decide to pay, bear in mind that not all of your files will be restored.
  6. Have a malware recovery plan.
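The survey numbers above are about how much data came back after paying. A backup is only worth anything if you can measure the same thing for it before an incident: restore it somewhere and check that every file is present and intact. The script below is an added example (not from the Sophos report or The Cyber Review) that records a SHA-256 manifest of a directory at backup time and then scores a restored copy against it, reporting missing and corrupted files and a recovery percentage. The file names and contents in `demo()` are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large backups do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each regular file under root (POSIX-style relative path) to its SHA-256.

    Take this at backup time and keep it separately from the backup itself, so a
    tampered or partially encrypted backup cannot also rewrite its own manifest.
    """
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify_restore(manifest: dict, restored: Path) -> dict:
    """Compare a restored tree against the manifest and classify every file.

    A file is 'ok' only if it exists and its hash matches; a present-but-different
    file is 'corrupted' (truncated, encrypted, or altered), and an absent one is 'missing'.
    """
    ok, missing, corrupted = [], [], []
    for rel, digest in manifest.items():
        p = restored / rel
        if not p.is_file():
            missing.append(rel)
        elif sha256_file(p) != digest:
            corrupted.append(rel)
        else:
            ok.append(rel)
    total = len(manifest)
    return {
        "ok": ok,
        "missing": missing,
        "corrupted": corrupted,
        # Same yardstick the survey applies to paying the ransom: share of data actually recovered.
        "recovered_pct": round(100.0 * len(ok) / total, 1) if total else 100.0,
    }


def demo() -> dict:
    """Constructed scenario: back up three files, then simulate a partial, damaged restore."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "data"
        dst = Path(tmp) / "restored"
        src.mkdir()
        dst.mkdir()
        (src / "ledger.csv").write_text("id,amount\n1,100\n")
        (src / "notes.txt").write_text("quarterly review\n")
        (src / "keys").mkdir()
        (src / "keys" / "config.json").write_text('{"a": 1}')
        manifest = build_manifest(src)

        # Restore outcome: one file intact, one truncated, one never restored at all.
        (dst / "ledger.csv").write_text("id,amount\n1,100\n")
        (dst / "notes.txt").write_text("quarterly")
        return verify_restore(manifest, dst)


if __name__ == "__main__":
    result = demo()
    print(f"recovered {result['recovered_pct']}% of files")
    print("missing:", result["missing"])
    print("corrupted:", result["corrupted"])
```

Run this against a real restore, not against the live data it was copied from, and schedule it: a backup that has never been restored and checked tells you no more about your recovery odds than the ransom note does.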

Top Emerging Risk: Cybersecurity Control Failures

In a recent survey by Gartner, "cybersecurity control failures" was the top emerging risk arising from the pandemic. The rapid shift to remote work was one of the main causes: gaps in controls that already existed before the pandemic were amplified when staff moved off-site.

Security and IT teams had to change their risk posture in a matter of days, from a focus on securing on-site operations to developing and implementing remote access policies.


Canadian cybersecurity leaders say the field needs community to grow and be more diverse.

Each of the female panelists spoke of the need to foster mentorship and community, not only to make the cybersecurity career path easier for everyone but especially for those who might not feel welcome in the first place.

Since cybersecurity is a relatively young industry with a skills gap, mentorship can be hard to find. Many of today's experts are still creating the technologies and best practices of tomorrow, which leaves few people with the time or experience to act as mentors.

One important point from the panel was that people from different backgrounds and experiences bring different perspectives, and that matters in the world of cybersecurity. There are also many different types of roles in the industry, from sales and marketing to coding and logistics. The stereotypical view of a cybersecurity worker as someone who loves to code and knows the ins and outs of hacking simply does not hold.