Ransomware attacks have impacted only 25% of U.S. organizations during the past year, representing a 61% drop from 2021, according to VentureBeat. Sixty-eight percent of companies hit by ransomware paid demanded ransoms last year, compared with 82% in 2021, a report from Delinea revealed. However, the rate of organizations with incident response plans declined from 94% in 2021 to 71% in 2022, indicating that entities are becoming increasingly complacent against ransomware attacks. "Ransomware is still a significant concern and threat to any organization, and some of the signs of complacency we saw evidenced in the survey research could be a harbinger of an increase in ransomware in 2023," said Delinea Chief Security Scientist and Advisory Chief Information Security Officer Joseph Carson. Carson noted that the persistent threat of ransomware attacks should prompt organizations to invest in proactive cybersecurity measures aimed at strengthening their identity and access controls, such as multi-factor authentication and password vaulting.