Philippine companies paid $1.6 million on average through the nose for ransomware attacks in 2022, making the country the third most-extorted by ransomware in the world next only to Japan and the Netherlands, according to cybersecurity firm Sophos.
The figure is double the global average of ransomware payouts, at $812,360. It also cost Philippine companies on average $1.34 million to recover from ransomware attacks in 2021 alone. All of this is in spite of 90% of the Philippine companies surveyed having either full or partial cyberinsurance coverage.
The data comes straight from Sophos’ survey report, “The Future of Cybersecurity in the Asia Pacific and Japan,” which was done in collaboration with Tech Research Asia (TRA). The study was conducted from January to February, 2022, and included 5,600 respondents from 31 countries, representing companies with anywhere from 100 to 5,000 employees.
Sophos’ global solutions engineer Aaron Bugal explained: “Even with the additional investment, organizations need to ensure they are not overstating their maturity levels and implementing threat hunting solutions, leading to complacency. With increased maturity and investment, one would think successful cyberattacks would decline. However, they continue to wreak havoc… With this in mind, organizations must review their cyber strategies regularly and address the gaps.”
Bugal underscored the need for Philippine companies to be more proactive in defending against ransomware attacks which, according Sophos data, is consistently becoming more frequent – and often simultaneously from multiple sources.
“Organizations must be active in combatting cyberattacks, with threat hunting functioning as an always-on activity and not a once or twice a year exercise. Organizations must constantly be on the front foot to identify and thwart attacks, and regular and consistent threat hunting is key to this; failure to do so means organizations will remain vulnerable,” Bugal concluded.
