Over 50% of Enterprises Lack Formal Plans to Handle Ransomware Attacks, Thales Report Finds

Thales’ “2023 Data Threat Report” reveals concerning findings regarding the lack of formal plans to handle ransomware attacks in over 50% of enterprises. This is particularly alarming considering the increasing targeting of schools by ransomware attacks. The report also highlights high-profile incidents of ransomware attacks on educational institutions and emphasizes the need for cybersecurity funding in districts.


Thales’ “2023 Data Threat Report” highlights the lack of formal plans in place to handle ransomware attacks in over 50% of enterprises. This is a significant concern, especially considering the rise in ransomware attacks targeting schools. Last year, 8 in 10 K-12 districts reported being hit by ransomware attacks [4], marking a 43% increase from 2021 [4]. In response to this alarming trend, the Federal Communications Commission has proposed allocating federal funding for cybersecurity in districts [4].

The report also sheds light on notable ransomware attacks on educational institutions, including the Los Angeles Unified School District [4], Minneapolis Public Schools [4], and New York City Public Schools [4]. Additionally, the attack on MOVEit software resulted in data breaches at 375 companies and organizations [4], including universities [4]. The National School Clearinghouse was also affected [4].

Furthermore, the report delves into the top security targets, including ransomware solutions and the challenges faced by remote workforces [2] [3]. It also focuses on government organizations [3], such as federal, state [2] [3], and local governments [2] [3], as well as law enforcement [2] [3]. The report highlights key findings from a survey of security leaders in the financial services industry [2], as seen in Thales’ “2022 Data Threat Report for Financial Services.” It addresses various compliance solutions, such as Basel Compliance [3], data breach notification laws [3], GDPR [3], and ISO certifications [3].

Thales offers a range of solutions to secure digital transformation, including cloud security [3], compliance mandates [3], and protection for the Internet of Things [3]. The report emphasizes the need for strong authentication implementation for Office 365 to mitigate the risk of unauthorized access and data breaches. Additionally, it mentions that the rapid advancement of artificial intelligence (AI) capabilities is expected to outpace and impact cybersecurity defenses for organizations and governments globally [1].


The findings of Thales’ “2023 Data Threat Report” highlight the urgent need for enterprises to develop formal plans to handle ransomware attacks. The increasing targeting of schools by ransomware attacks underscores the importance of cybersecurity funding in districts. The report also emphasizes the need for strong authentication implementation and the potential impact of AI on cybersecurity defenses. Moving forward, it is crucial for organizations and governments to prioritize cybersecurity measures to mitigate the risk of unauthorized access and data breaches.


[1] https://www.darkreading.com/vulnerabilities-threats/beyond-chatgpt-organizations-must-protect-themselves-against-the-power-of-ai
[2] https://cpl.thalesgroup.com/data-threat-report
[3] https://cpl.thalesgroup.com/resources/encryption/2021/data-threat-report
[4] https://www.the74million.org/article/new-200m-fcc-proposal-could-help-districts-combat-cyber-attack-onslaught/


Thales, Data Threat Report, ransomware attacks, enterprises, schools, cybersecurity funding, districts, K-12 districts, Federal Communications Commission, federal funding, Los Angeles Unified School District, Minneapolis Public Schools, New York City Public Schools, MOVEit software, data breaches, 375 companies, organizations, universities, National School Clearinghouse, security targets, ransomware solutions, remote workforces, government organizations, federal, state, local governments, law enforcement, security leaders, financial services industry, Basel Compliance, data breach notification laws, GDPR, ISO certifications, cloud security, compliance mandates, Internet of Things, strong authentication implementation, Office 365, unauthorized access, data breaches, artificial intelligence, AI capabilities, cybersecurity defenses, organizations, governments, prioritize cybersecurity measures.