- Delayed breach response for more than nine hours results in a 79% chance of ransomware infection, report notes
- Small businesses face high recovery costs, up to $2,000 per employee
- Detection is hampered by evasion tactics and the lack of automated incident response systems.
If a company takes more than nine hours to respond to an email breach, it will almost certainly suffer a ransomware infection as well, experts warned.
A report from Barracuda Networks that surveyed approximately 2,000 IT and security decision makers in North America, Europe and Asia-Pacific found that nearly four in five (78%) organizations experienced at least one email security breach in the previous 12 months.
Of that number, 71% were also affected by ransomware. Organizations that take more than nine hours to address the attack were said to have a 79% chance of being affected by ransomware. The average cost to recover from such an attack, according to Barracuda’s 2025 Email Security Breach Report, is now $217,068.
Advanced evasion techniques
Ransomware attacks are particularly risky for smaller businesses. Organizations with up to 100 employees end up paying almost $2,000 per person to recover, while those with up to 2,000 employees see average costs of around $240 per employee.
It may seem counterintuitive, but only 50% of victims detected the breach within an hour, Barracuda explained. This is primarily due to the advanced evasion techniques (47%) employed by attackers, as well as the lack of automated incident response solutions (44%), which delay the detection, containment and removal of threats.
For two in five (41%), ransomware resulted in reputational damage, loss of new business opportunities and also harmed growth.
“Email security is no longer just about stopping spam or mass phishing; it’s about preventing the first domino from falling in a chain of cyber threats that could end in operational paralysis, data loss, reputational damage and long-term business impacts,” said Neal Bradbury, chief product officer at Barracuda.
“Responding quickly and effectively to email breaches is critical to overall cyber resilience,” said Neal Bradbury, chief product officer at Barracuda. “This can be a challenge for many organizations. Findings show that the ability to detect and neutralize email incidents is often hampered by increasingly complex and evasive attacks, internal skills shortages, lack of automation, and more. A unified approach to protection centered on a robust integrated security platform is vital.”
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
