Radware Survey Finds Majority of Companies Paid a Hacker’s Ransom Over the Past Year

MAHWAH, N.J. June 12, 2018 06:00 AM

Businesses Face Increasing Legal and Technology Challenges When Securing Their Networks

Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, released its 2018 Executive Application and Network Security Report. For the first time in the survey’s five-year history, a majority of executives (53%) reported paying a hacker’s ransom following a cyber-attack. This comes as technology and privacy concerns present greater challenges in improving overall security posture.

“A ransom payment may make the problem go away for now, but these types of responses won’t drive a business forward,” said Anna Convery-Pelletier, Chief Marketing Officer at Radware. “A reactionary security strategy limits an organization’s ability to secure customer data, protect their brand’s reputation, and achieve business goals. Investing in appropriate security solutions is no longer simply an IT expense, it is fundamental to a business’ long term success.”

According to the report, 69% of executives said that their company faced a ransom attack in the past year, compared with only 14% noting so in 2016. Meanwhile, two-thirds of executives (66%) report a lack of confidence in their network security, admitting their networks are penetrable by hackers.

Beyond more frequent ransom payments, organizations are facing significant consequences and concerns related to cyber-attacks. In a sign that consumers will not accept data breaches, 41% of executives noted their organization faced legal action from customers following a breach. At the same time, executives stated that their biggest concerns associated with cyber-attacks are customer loss (41%) and brand reputation loss (34%).

In the midst of all this, organizations still struggle to implement tools that would drastically improve their cybersecurity posture. While more than one in three (35%) executives noted that encrypted attacks would be detrimental to their organization, 41% reported that they continue to review the legalities of decrypting traffic on their network, a process needed to significantly reduce the threat of encrypted threats.

In addition, Radware’s 2018 Executive Application & Network Security Report revealed:

Have we reached an automation tipping point? The complexity of networks and changing attack vectors have led companies to invest in automated and machine-learning security tools. Over the past two years, 71% of executives report shifting network security spending to investments in automated security.

Gaps between clouds create major security risk. More than 90% of executives report using multiple public and private cloud environments as part of their companies’ IT infrastructure, and most companies host up to 50% of their business applications in the cloud. C-suite executives clearly understand that dispersing their network across multiple public and private clouds introduces security risks however. The vast majority of respondents (96%) are very or somewhat concerned about network vulnerabilities created by using multiple clouds.

“Businesses are trying to increase operational efficiency by moving to cloud infrastructure,” continued Convery-Pelletier. “Spreading apps across the cloud can increase network agility, improve scalability, and manage cost. However, most organizations only secure the individual cloud environments, and without looking at securing the network as a whole, they create gaps between the clouds.”

Executives reveal their most detrimental security threats: 38% of executives report daily or weekly attacks. Executives feared social engineering (38%), Ransomware (38%) and Malware (37%) as the most detrimental to their business, followed closely by IoT botnet powered DDoS attacks (35%), and Encrypted (35%) attacks.

Nation state attacks motivate security upgrades for American organizations. U.S. executives in particular were more likely than their peers in EMEA and APAC to say that attacks by nation-states have influenced security changes. More than half of U.S. executives pointed to nation-state threats as a motivator, while just 30% in the APAC region, and 41% in the EMEA region said so.

Companies react when peers are attacked. Approximately 61% of executives said that watching attacks on peer companies influenced their decision to change security policy. Almost as many, 59%, said attacks on their own organizations had prompted changes in their security posture.

The report provides a detailed analysis of the views and insights from more than 200 senior leaders at organizations across the globe. To read the full report on the survey’s findings, download it here.


On behalf of Radware, Merrill Research surveyed 232 executives from across the globe. To participate in the 2018 Executive Application & Network Security respondents were required to be a company with at least 250 million USD/EUR/GBP/RMB in revenue and hold a title of senior vice president level or higher. By design, the survey required at least half respondents to be C-level executives, though this year’s research attracted far more C-level corporate leaders. About half of the companies in the survey have 1,000 to 9,999 employees, averaging about 3,700. American respondents skewed highest in average number of employees at nearly 4,300.


About Radware

Radware® (NASDAQ: RDWR), is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection and availability services to enterprises globally. Radware’s solutions empower more than 12,500 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down. For more information, please visit www.radware.com.

Radware encourages you to join our community and follow us on: Facebook, Google+, LinkedIn, Radware Blog, SlideShare, Twitter, YouTube, Radware Connect app for iPhone® and our security center DDoSWarriors.com that provides a comprehensive analysis on DDoS attack tools, trends and threats.

©2018 Radware Ltd. All rights reserved. The Radware products and solutions mentioned in this press release are protected by trademarks, patents and pending patent applications of Radware in the U.S. and other countries. For more details please see: https://www.radware.com/LegalNotice/. All other trademarks and names are property of their respective owners.

Safe Harbor Statement

This press release may contain statements concerning Radware’s future prospects that are “forward-looking statements” under the Private Securities Litigation Reform Act of 1995. Statements preceded by, followed by, or that otherwise include the words "believes", "expects", "anticipates", "intends", "estimates", "plans", and similar expressions or future or conditional verbs such as "will", "should", "would", "may" and "could" are generally forward-looking in nature and not historical facts. Because such statements deal with future events, they are subject to various risks and uncertainties and actual results, expressed or implied by such forward-looking statements, could differ materially from Radware's current forecasts and estimates. Factors that could cause or contribute to such differences include, but are not limited to: the impact of global economic conditions and volatility of the market for our products; changes in the competitive landscape; inability to realize our investment objectives; timely availability and customer acceptance of our new and existing products; risks and uncertainties relating to acquisitions; the impact of economic and political uncertainties and weaknesses in various regions of the world, including the commencement or escalation of hostilities or acts of terrorism; Competition in the market for Application Delivery and Network Security solutions and our industry in general is intense; and other factors and risks on which we may have little or no control. This list is intended to identify only certain of the principal factors that could cause actual results to differ. For a more detailed description of the risks and uncertainties affecting Radware, reference is made to Radware’s Annual Report on Form 20-F, which is on file with the Securities and Exchange Commission (SEC) and the other risk factors discussed from time to time by Radware in reports filed with, or furnished to, the SEC. Forward-looking statements speak only as of the date on which they are made and, except as required by applicable law, Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware’s public filings are available from the SEC’s website at www.sec.gov or may be obtained on Radware’s website at www.radware.com.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center