GigaOm Key Criteria for Evaluating Ransomware Prevention Solutionsv2.0

1. Executive Summary

Ransomware continues to be a high-priority threat for all organizations, and as with all cybersecurity challenges, the threat continues to evolve as the sophistication of attackers and the tools they use evolve as well. Attacks are now more complex than ever, carried out by organized and well-financed criminal gangs. The malware deployed is more intelligent and sophisticated, as is the way it is deployed. Increasingly, we see double and triple jeopardy attacks, with data not only encrypted but stolen, as attackers look to ensure they get the biggest return on their investment. The use of AI is as prevalent among these attackers as it is in any other part of the IT industry and is being used to find novel ways to evade ransomware prevention tools, to better target victims, and to automate attacks more effectively.

IT leaders must ensure their ransomware prevention strategies can effectively deal with modern threats. Tools that rely on spotting known malware are no longer enough, and neither are tools that only identify threats and mitigate them. A ransomware strategy must be comprehensive, from identification of a threat to stopping attacks quickly, to the inevitable recovery from damage caused by such an attack, and this requires a holistic approach. This is why ransomware tools are often part of broader solutions. Endpoint detection and response/extended detection and response (EDR/XDR), cloud security, threat intelligence, risk assessment, data protection, and user training all are typically part of a solution. The tools that bring this range of capabilities together most effectively will be the most effective in helping a business protect itself from ransomware attacks and their impact.

Business Imperative
For businesses, the impact of a ransomware attack remains significant. An attack will likely cause major system outages and disruption, which will have a direct financial impact. It will lead to loss of revenue, recovery costs (whether in paying a ransom or the cost of recovery services), potential fines from regulators, and, of course, the impact on reputation and customer relationships. The effect of a successful ransomware attack should not be underestimated, and preventing it must be seen as a business priority, not just a technical one. Ransomware has been so often and so widely discussed that it is easy to assume that it has been “dealt with,” but nothing could be further from the truth. Ransomware continues to pose a significant threat with rapid and regular evolutions that organizations must understand and ensure they are sufficiently protected against.

Sector Adoption Score
To help executives and decision-makers assess the potential impact and value of deploying a Ransomware Prevention solution, this GigaOm Key Criteria report provides a structured assessment of the sector across five factors: benefit, maturity, urgency, impact, and effort. By scoring each factor based on how strongly it compels or deters adoption of a topic solution, we provide an overall Sector Adoption Score (Figure 1) of 4.6 out of 5, with 5 indicating the strongest possible recommendation to adopt. This indicates that a Ransomware Prevention solution is a compelling candidate for deployment and worthy of prompt consideration.

The factors contributing to the Sector Adoption Score for Ransomware Prevention are explained in more detail in the Sector Brief section that follows.

Figure 1. Sector Adoption Score for Ransomware Prevention

This is the second year that GigaOm has reported on the ransomware prevention space in the context of our Key Criteria and Radar reports. This report builds on our previous analysis and considers how the market has evolved over the last year.

This GigaOm Key Criteria report highlights the capabilities (table stakes, key features, and emerging features) and nonfunctional requirements (business criteria) for selecting an effective ransomware prevention solution. The companion GigaOm Radar report identifies vendors and products that excel in those decision criteria. Together, these reports provide an overview of the market, identify leading ransomware prevention offerings, and help decision-makers evaluate these solutions so they can make a more informed investment decision.