Laptop Displaying the GigaOm Research Portal

Get your Free GigaOm account today.

Access complimentary GigaOm content by signing up for a FREE GigaOm account today — or upgrade to premium for full access to the GigaOm research catalog. Join now and uncover what you’ve been missing!

Key Criteria for Evaluating Ransomware Prevention Solutionsv1.0

An Evaluation Guide for Technology Decision-Makers

Table of Contents

  1. Summary
  2. Ransomware Prevention Primer
  3. Report Methodology
  4. Decision Criteria Analysis
  5. Evaluation Metrics
  6. Key Criteria: Impact Analysis
  7. Analyst’s Take
  8. About Paul Stringfellow

1. Summary

Ransomware continues to be a high-priority threat for all organizations, regardless of size. As with all cybersecurity challenges, the threat continues to evolve as the sophistication of attackers and the tools they use continue to improve. Attacks are now more complex than ever, carried out by organized and well-financed criminal gangs. The malware deployed is more intelligent and sophisticated, as is the way it is deployed. Increasingly, we see double and triple jeopardy attacks, with data encrypted and stolen, as attackers look to ensure they get the biggest return on their investment.

For businesses, the impact of a ransomware attack remains significant. Attacks cause major system outages and disruption. This can lead to loss of revenue, recovery costs (whether in paying a ransom or the services cost to recover), and potential fines from regulators, and will, of course, affect the business’ customer relationships and reputation. Protecting against ransomware should therefore be a priority for all businesses.

How, then, should organizations deal with it? Tools that rely on spotting known malware are no longer enough, and neither are tools that only identify threats and mitigate them. A ransomware strategy must be comprehensive, covering everything from identification of threats to stopping attacks quickly, through to the inevitable need to recover from damage caused by such an attack. To develop such a strategy requires a holistic approach. This is why you will not find a solution that is only a ransomware prevention tool; instead, the tools will be part of more extensive platforms. Features such as endpoint detection and response (EDR) and extended detection and response (XDR), cloud security, threat intelligence, risk assessment, data protection, and user training will all be part of a solution. The tools that bring this range of capabilities together most effectively will be the leading solutions to help businesses protect themselves from ransomware attacks and their impact.

This GigaOm Key Criteria report details the capabilities (table stakes, key criteria, and emerging technologies) and non-functional requirements (evaluation metrics) for selecting an effective ransomware prevention solution. The companion GigaOm Radar report identifies vendors and products that excel in those capabilities and metrics. Together, these reports provide an overview of the category and its underlying technology, identify leading ransomware prevention offerings, and help decision-makers evaluate these solutions so they can make a more informed investment decision.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.