Table of Contents
- Summary
- Market Categories and Deployment Types
- Key Criteria Comparison
- GigaOm Radar
- Vendor Insights
- Analyst’s Take
- Methodology
- About Paul Stringfellow
- About GigaOm
- Copyright
1. Summary
Ransomware continues to be a high-priority threat for all organizations, regardless of size. As with all cybersecurity challenges, the threat continues to evolve as the sophistication of attackers and the tools they use continue to improve. Attacks are now more complex than ever, carried out by organized and well-financed criminal gangs. The malware is more intelligent and sophisticated, as is the way it is deployed. Increasingly, we see double and triple jeopardy attacks, with data encrypted and stolen, as attackers look to ensure they get the biggest return on their investment.
For businesses, the impact of a ransomware attack remains significant. An attack will likely cause major system outages and disruption, which will have a direct financial impact. It can lead to loss of revenue, recovery costs (whether a ransom payment or required recovery services), potential fines from regulators, and impacts on customer relationships and business reputation. Therefore, ransomware should be a business priority, not just a technical one, and it is something all organizations must understand and protect themselves against.
How then should organizations deal with ransomware? Tools that rely on spotting known malware are no longer enough, and neither are tools that only identify threats and mitigate them. A ransomware strategy must be comprehensive, covering everything from identification of the threat to stopping attacks quickly to the inevitable need to recover from damage caused by such an attack. To develop such a strategy requires a holistic approach. That is why you will not find a solution that is only a ransomware prevention tool; instead, the tools will be part of more extensive platforms. Features such as endpoint detection and response (EDR), extended detection and response (XDR), cloud security, threat intelligence, risk assessment, data protection, and user training will all be part of a solution. The tools that bring this range of capabilities together most effectively will be the leading solutions that help businesses protect themselves from ransomware attacks and their impact.
This GigaOm Radar report highlights key ransomware prevention vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating Ransomware Prevention Solutions,” we describe in more detail the capabilities and metrics that are used to evaluate vendors in this market.
This is our first year evaluating the ransomware prevention space in the context of our Key Criteria and Radar reports. All solutions included in this Radar report meet the following table stakes—features widely adopted and well implemented in the sector:
- Endpoint protection
- Known threat blocking
- Threat reporting
- Administration console
- Regular protection updates
How to Read this Report
This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:
Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.
GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.