Adarma 2022 Ransomware Readiness Report

Overconfident and Underprepared?


In January 2022, Adarma undertook research across 500 UK organisations with over 2000 employees. We asked the senior leadership of these organisations a series of questions to uncover how concerned business leaders are about ransomware, how confident they are in their organisation’s ability to deter or prevent an attack, how able they are to respond to an attack and to understand the steps they have undertaken to minimise this significant risk.
Our report highlights the key findings and provides guidance to the c-suite and executive board on how to prepare their organisation, not just the security team, for what some might say is an inevitable ransomware attack.

Key findings

Epidemic Levels

Has your organisation experienced a ransomware attack?

According to our study, 58% of UK businesses with more than 2000 employees have suffered a ransomware attack.

Criminals are cashing in

Did you pay the ransom?

A staggering 67% confirmed they had paid the ransom, for smaller businesses this was 100%, while it appears those with higher revenues were generally less likely to pay.

IT to blame?

Who should be held accountable?

19% of business leaders believe the individual duped into clicking on a phishing email should be held accountable, while 48% would levy blame at the IT Security Team.

Fill in the form to read the full report.
Are you overconfident and underprepared?

Discover how you can better prepare your organisation with our Ransomware Readiness blog series




RansomCloud: How Ransomware is Attacking the Cloud


Anti-Ransomware Awareness Day: Re-examining WannaCry 5 years on


Ransomware Readiness from a Legal Team’s Perspective


Debunking 5 Major Ransomware Myths & Misconceptions


Practical Tips for Leading a Team Through a Cyber Attack


Ransomware: Your Checklist for Building an Incident Response Plan 


15 Recent Ransomware Attacks


Ransomware as a Service (RaaS) Explained


The Six Steps of Detection and Response


How to Get Attackers Out of Your Network


The Magnificent Seven Components of a Solid Cyber Defence Plan


Raising the Bar of your Cyber Defence Plan



The Expert View:

Ransomware strategies – preparing for an attack

“Ransomware is the cyber-plague of our time,” said John Maynard, CEO of Adarma, opening a recent TEISS breakfast briefing at The Goring in London. He told attendees, all senior executives from a range of industries, that ransomware attacks are up 144 percent, year-on-year, and the amount paid in ransoms has increased by 75 percent to $500,000.

Leading a team through a devastating cyber attack

Practical advice and insight from a former CEO



Invest in avoiding the attack and an effective response (Keep Them Out, Get Them Out)



Determine if you might discuss/negotiate and/or pay and, if so, prepare for this



Agree on recovery priorities (for both business and security) and how they will be balanced



Invest in understanding your environment and maintaining this understanding



Clearly determine who needs to create and execute the response plan and hold them to account



Select suppliers with the right experience level and the right attitude before the crisis



Agree and implement how you will communicate (assume normal channels are watched)



Agree and implement how you will detect, respond and recover (assume disruption will occur)



Exercise the plan and stress test the organisation (including your suppliers)



Engage with your core customers and agree how you will work together during the crisis

“Ransomware is at epidemic levels and there is a disconnect between organisations’ confidence in their levels of preparedness in the face of an attack and what we are seeing on the ground. With almost 60% of UK businesses with more than 2,000 employees having experienced a ransomware attack, it is critical that we elevate this risk within our own organisations”


– John Maynard, Chief Executive Officer, Adarma

We believe that the main advantage we have over an attacker is the time to prepare a response with a credible plan.​


Managed SOC is a Detection and Response Service provided by Adarma.

Prepare – Intelligence, planning and rehearsing, testing and simulating breaches are all important factors to integrate into your defences.​

Managed SOC is a Detection and Response Service provided by Adarma.

Protect – Manage your attack surface through risk-based vulnerability management and controls​.

Managed SOC is a Detection and Response Service provided by Adarma.

Detect – Early context rich detection, before action is taken is critical to contain and stop the bleed.

Managed SOC is a Detection and Response Service provided by Adarma.

Respond– Ensure you have the right experts on call to support you during the incident response.  Ensure you have mechanisms in place to document lessons learned and improve plans.

Reporting a ransomware attack

When your business suffers a ransomware attack or a related cybersecurity incident, you might need to report it to the Information Commissioner’s Office (ICO). Under the General Data Protection Regulation (GDPR) rules, which went into effect as of 25th May 2018, it’s mandatory that you report data breaches to the ICO within 72 hours.

Below are some useful links when reporting a ransomware attack:

Information Commissioner’s Office

Action Fraud

National Cyber Security Centre

Let’s talk.

Speak to our experts and see how we can help protect your business.

Contact Us