Tripwire Survey: Organizations Lack Ransomware Recovery Plan Despite Increased Awareness

PORTLAND, Ore. — July 12, 2016 — Tripwire, Inc., a leading global provider of endpoint protection and response, security and compliance solutions, today announced the results of a survey of over 400 information security professionals who attended Infosecurity Europe 2016. The conference took place June 7-9, 2016, at the Olympia Conference Centre in London.

According to Tripwire’s survey, ninety-three percent of information security professionals believe ransomware attacks will continue to escalate in 2016. In addition, over half (fifty-six percent) identified ransomware as one of the top three security concerns at their organizations. However, when asked if their companies could recover from a ransomware infection without losing critical data, less than one-third (thirty-two percent) of the respondents said they are “very confident” they could do so.

“Ransomware delivers a great return on investment, so it’s not surprising that it is expected to be a growing problem for the foreseeable future,” said Travis Smith, senior security research engineer for Tripwire. “While prevention is the goal for every organization, being able to respond to an infection is every bit as important.” 

The FBI has reported that ransomware attacks amassed over $200 million during the first three months of 2016, signaling that cyber criminals are currently on track to gain over $1 billion through ransomware by the end of the year. Ransomware infections can be spread through a variety of tactics, including spear phishing, malvertising, exploit kits, and more.

“Following the 3-2-1 backup rule is a good first step to prepare for a ransomware infection,” said Smith. “You will need to have three copies of your data on two different types of media, with at least one of those copies being stored off-site. Organizations should continually test recovery procedures on these backups to keep the cost of restoring data as low as possible. In the end, paying a ransom may be determined by these efficiencies.”

For more on Tripwire’s survey, please visit:

About Tripwire

Tripwire is a leading provider of security, compliance and IT operations solutions for enterprises, industrial organizations, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations. Tripwire’s portfolio of enterprise-class solutions includes configuration and policy management, file integrity monitoring, vulnerability management, log management, and reporting and analytics. Learn more at, get security news, trends and insights at or follow us on Twitter @TripwireInc.

Press Contacts

Ray Lapena
PR Manager