Technology Reseller v41

01732 759725 22 Immediately Within a business day Within 5 business days In over 5 business days Immediately Within a business day Within 5 business days In over 5 business days 39% 46% 10% 5% 7% 70% 19% 4% Data Recovery Time (No ransom paid) For companies that were able to recover without paying a ransom, this graph shows how long it took to recover. Data Encyrption (Ransom paid) For companies that paid a ransom, this graph shows how long it took to decrypt the data. As for the cost of downtime, the range of estimates is even wider, depending on the size and nature of the business, risk tolerance and vertical. Estimates for small and midsize businesses start around $10,000 an hour while for enterprises, the average cost can be around $300,000 an hour. In our study, 70 percent of businesses that refused to pay a ransomwere able to recover their data within a day after ransomware was discovered, and 19 percent were able to recover in up to five days. Out of businesses that did pay a ransom, 39 percent had their data decrypted immediately versus 46 percent that had i decrypted within a business day. These recovery and decryption times may or may not fall within the risk tolerances for the business. Recovery time objectives (RTO) will vary based on the type of data that needs to be recovered or decrypted. For non-critical data and applications, a 24-hour recovery time may fall within the RTO for those systems. For mission-critical data, a 24-hour recovery may exceed the tolerable limit and help drive the cost of downtime higher than the cost of the ransomware payment itself.