How to Reduce the Risk of a Ransomware Attack

Aug 5, 2025


Ransomware is a type of malicious software (malware) that threatens to publish the victim’s data or permanently block access to it unless a ransom is paid. It encrypts files or locks computer systems and demands payment, often in cryptocurrency, for decryption or restored access. Our cybersecurity partner, OrbitalFire, says that while ransomware payouts have been on the decline, businesses shouldn’t mistake lower payouts for lower risk, and they offer some proactive tips to reduce the risk of an attack.

Ransomware Payouts Are Down, But Don’t Celebrate Just Yet

If you’ve skimmed recent headlines, you might have seen something surprising: ransomware payouts are on the decline. According to Aon’s 2024 Cyber Resilience Report, the average ransom paid by companies fell to just 28% of the initial demand in 2023, down from 43% in 2022. On the surface, that sounds like good news. Less money to the bad guys? We’ll take it.

But here’s the catch: ransomware attacks themselves haven’t slowed down. They’re evolving. And for small businesses, the risk remains high even when the ransom figure is lower.

The Cost Is Still Coming from Somewhere

Lower payouts don’t mean fewer claims. In fact, cyber claims are up, especially among small and midsized businesses. Aon’s report shows a significant uptick in cyber insurance claims from this group, driven by business email compromise, data theft, and of course, ransomware.

Why the disconnect? In many cases, organizations are refusing to pay ransoms or negotiating them down, often due to better preparedness, stronger backups, or legal/regulatory pressure. But that doesn’t eliminate the cost. Downtime, data recovery, incident response, and customer notification costs can easily stack up, regardless of whether a ransom is paid.


The Ransom Isn’t the Only Threat

Cybercriminals are getting creative. More are using “double extortion”: exfiltrating data before encrypting it, then threatening to leak it if the ransom isn’t paid, so that even a full restore from backup doesn’t end the extortion. Others are exploiting vulnerabilities faster and more quietly, often sitting in networks for weeks before triggering an attack. Small businesses without the tools or visibility to detect this kind of activity are at higher risk, regardless of how low the final ransom demand is.

So What Should Small Businesses Do?

Here’s the real takeaway: lower average ransomware payouts are a sign that resilience is possible, but only with the right preparation.

At OrbitalFire, we’ve seen firsthand how smaller businesses can punch above their weight by focusing on practical, proactive cybersecurity. Here are some of the things making the biggest difference:

Bottom Line: Hope Is Not a Strategy

The decline in ransom payouts is encouraging, but it’s not a green light to relax. If anything, it’s a sign that businesses that prepare can avoid the worst outcomes. For those who haven’t prepared, the costs are just hiding elsewhere.

Cybercriminals don’t care about your size; they care about your gaps. Let’s close them.

Need help building a more resilient cybersecurity program?

Contact OrbitalFire to learn how we help small businesses prepare for (and prevent) ransomware and other attacks.

GTM’s Cybersecurity Practices

Security is integral to our operations. It’s at the core of what we do with multiple layers of protection embedded into our products, processes, and infrastructure.

Our state-of-the-art security measures are designed to safeguard your data from unauthorized access and cyber threats. We employ a robust combination of physical, administrative, and technical controls, including advanced encryption technologies, continuous network monitoring, and strict access controls, ensuring your data is protected around the clock.

GTM undergoes annual security assessments from the New York State Department of Financial Services and adheres to the National Institute of Standards and Technology (NIST) for cybersecurity standards. GTM also submits to several third-party audits, including SOC 1 audits, Nacha audits, and financial statement audits.

Cyber and Data Breach Liability Insurance

As an additional layer of protection, cyber and data breach liability insurance is available in case of a cyberattack or data breach. A cyber liability and data breach insurance policy can help if your business computers are hit with malware that exposes private or sensitive information, if your business is sued for losing customers’ sensitive data, or if your business takes on public relations costs to protect its reputation after a data breach.

If you are interested in cyber and data breach insurance, the GTM Insurance Agency can discuss your options. Contact them for a free quote or more information.

