News, Trends, and Insights for IT & Managed Services Providers
News, Trends, and Insights for IT & Managed Services Providers
Business of Tech | Ransomware Recovery Gaps Expose Overconfidence: Why IT Providers Must Focus on Real World Incident Testing

Let’s talk security and where to focus your attention.  

Companies overestimate their cyber resilience, with many unable to meet business recovery goals after ransomware attacks. A survey revealed that nearly 70% of IT leaders paid ransoms despite policies against it, and almost half needed over six days to recover core processes. While 80% express confidence in their resilience strategies, actual recovery times often exceed expectations, highlighting a significant disconnect between perceived and actual capabilities.

Tenable’s research indicates that only 3% of vulnerabilities pose significant cybersecurity risks, highlighting the need for organizations to adopt a proactive defense strategy. The study utilizes the Vulnerability Priority Rating (VPR) model to prioritize vulnerabilities, revealing that those with a VPR above 9.0 are high-priority targets. This approach aims to help cybersecurity teams focus on the most dangerous threats rather than being overwhelmed by fragmented data.

Research indicates that most ransomware attacks occur between 1 a.m. and 5 a.m., taking advantage of off-duty security professionals. Global ransomware incidents rose by 33% over the past year, with significant increases in the U.K. (67%) and U.S. (63%). Smaller ransomware groups are becoming more active, with their share of attacks rising from 25% to 31%. The services industry is the most targeted, while the U.S. accounts for nearly half of all attacks globally. Attackers increasingly use living-off-the-land techniques to evade detection, resulting in faster attack timelines.

Online scam cycles have become shorter and more effective, with 43% of scam revenues tracked by Chainalysis sent to newly active wallets, indicating a rise in new scamming campaigns. The average duration of scams has decreased from 271 days in 2020 to just 42 days in 2024. Scammers are shifting towards smaller, targeted operations, quickly discarding old infrastructure to evade detection, which is seen as more profitable and less risky than larger schemes.

The ‘2024 Unit 42 Attack Surface Threat Report’ by Palo Alto Networks reveals that critical sectors like insurance, pharmaceuticals, and manufacturing face evolving cybersecurity threats, particularly AI-driven attacks. Key findings include an average of over 300 new services added monthly, high-risk exposures primarily in IT infrastructure, and significant vulnerabilities in remote access and business operation applications. The report emphasizes the need for AI-driven tools for continuous asset discovery and monitoring to maintain visibility and mitigate risks as digital transformation accelerates significantly.

Why do we care?

IT service providers and cybersecurity professionals should focus on real-world incident recovery testing, prioritized vulnerability management, and around-the-clock protection against ransomware and other evolving threats. AI will be both the adversary and the solution, and businesses that embrace proactive, AI-driven tools will be better positioned to mitigate risks as the digital landscape grows more complex.    Being good at the basics – being ready for incidents, keeping a regular rhythm of updates – will make all the difference.    And most are not doing this well.  

Choose your upgrade:

Get the full benefits of Business of Tech Plus

Insider Access

$12/month

Perfect for MSPs and ITSPs that want full interviews, early access, and ad-free listening

  • Programmatic Ad-free private podcast feedSame show, little interruptions
  • Channel Chatter previews1–2 topics with light insights
  • Early access to interview episodesHear it days before public release
  • Monthly Insider BriefTighter analysis you can share internally
  • Extra audio segmentsCut interviews, behind-the-scenes commentary, quick competitive notes
  • Become an Insider for $12/month

    Leadership Access

    $149/month

    Perfect for MSPs and Vendors that run a team and need the extended tactics, executive summaries, and weekly alignment brief

  • All Insider Access benefits plus . . .
  • Invite your teamIncludes access for 5 team members with option to add more
  • Vendor Strategy BriefsThe entire library, plus new analysis every month
  • Channel ChatterAll topics, full insights, complete vendor discussion + sentiment list
  • Quarterly State of the Channel Briefing
  • Monthly AMA submission priorityAsk Dave direct questions, and skip the line
  • Get the Leadership Edge for $149/month

    Vendor Partner

    $500/month

    Perfect for channel companies or vendors looking to deepen their engagement with the show.

  • All Leadership Access benefits plus . . .
  • Get highlighted as a show sponsor You'll get placement in the show notes, throughout the website, and on our dedicated sponsors page.
  • Enjoy regular shout outs You'll be featured in a rotating format during the show
  • Become a show sponsor for $500/month

    Search all stories