Trend Micro, ISMG Survey Reveals More Than Half of Organizations Were Victimized by Ransomware in 2016
December 27, 2016

DALLAS--(BUSINESS WIRE)--Trend Micro Incorporated (TYO: 4704TSE: 4704), a global leader in cybersecurity solutions, today announced results from the “Ransomware Response Study” of more than 225 U.S. organizations, which was conducted in partnership with Information Security Media Group (ISMG), a global security media organization. The survey assessed businesses’ preparedness for ransomware attacks, as well as how organizations have responded to such attacks over the past year.

More than half of respondents (53 percent) say they have been victims of an attack in the past year, and 42 percent are unaware of how frequently they are attacked. However, nearly three out of five (59 percent) security leaders believe their current ransomware defenses are above average or superior. These results show an apparent disconnect between the perception of organizational security defenses and the number of effective ransomware attacks.

“This survey reinforces the need for security leaders to understand their company’s defenses, and make calculated improvements to prevent and detect ransomware attacks in 2017,” said Ed Cabrera, chief cybersecurity officer for Trend Micro. “Security leaders often rely on backups and traditional defenses to protect against ransomware. Cybercriminals know this and understand that some regular security measures, like patching, vary greatly in frequency, and they will target these weaknesses quickly using exploit kits to deliver ransomware before a company can address the issue.”

Trend Micro has observed an average of 10 new ransomware families per month, and the survey confirmed this startling growth with nearly one in five (19 percent) organizations reporting they are each hit by ransomware more than 50 times per month. A majority of respondents (60 percent) pinpoint susceptibility of employees as the primary entry method allowing attacks to penetrate an organization, while 65 percent of ransomware stems from compromised websites, likely clicked on from an email by an unsuspecting employee.

“Ransomware became one the highest profile challenges facing cybersecurity professionals in 2016,” said Tom Field, vice president of editorial at ISMG. “Based on our research, we feel that nothing indicates a slowing down of this problem, in fact, we may have only scratched the surface. With organizations reporting that their own employees are their greatest threat exposure, I expect a drastic increase in training, awareness and vigilance across all organizations in 2017.”

Business disruption was reported as the greatest consequence from ransomware attacks (59 percent), followed by reputational damage (28 percent). IT leaders have largely resisted ransomware schemes, with nearly eight out of 10 respondents (77 percent) acknowledging they have never paid ransom as a result of an attack, while only two percent report they had paid.

Companies are relying heavily on data backup and recovery plans (78 percent of respondents) as the primary defense against ransomware. However, a holistic defense strategy to detect and prevent ransomware attacks from infiltrating an organization has proven to be most successful.

A multi-layered approach to security, as recommended by Trend Micro, with protection at email and web gateways, endpoints, networks and servers, will better protect businesses and mitigate the risk of ransomware.

The survey was conducted in mid-2016 and received more than 225 responses from a variety of industries in the U.S., including government, healthcare and financial services.

For complete results and additional assets related to the Ransomware Response Study, please visit:

About Trend Micro

Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses and governments provide layered security for data centers, cloud environments, networks and endpoints. All our products work together to seamlessly share threat intelligence and provide a connected threat defense with centralized visibility and control, enabling better, faster protection. With more than 5,000 employees in over 50 countries and the world’s most advanced global threat intelligence, Trend Micro enables organizations to secure their journey to the cloud. For more information, visit

About ISMG

Information Security Media Group (ISMG) is the world’s largest media company devoted to information security and risk management. Each of its 28 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from the North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global Summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.




Trend Micro Incorporated
Erin Johnson, 972-499-6627

Public Company Information: