Recovering from a ransomware attack can be prohibitively expensive. According to a TechRadar article by Edwin Weijdema, Field CTO EMEA at Veeam, ransomware attacks cost organizations globally an estimated $57 billion last year, a figure expected to jump to $275 billion by 2031. The key to reducing that bill lies not just in better security tools, but in how organizations align their response across teams.
The escalating cost of ransomware
Ransomware attacks are no longer a question of if or when, but how many times they will occur, Weijdema writes. The financial impact extends beyond the ransom itself: factors include whether immutable backups are in place, how long operations are offline, and whether any data is lost permanently. In high-profile retail ransomware attacks across the UK last year, estimated costs reached nearly half a billion dollars — driven not just by IT costs but by lengthy downtime that disrupted services for months and affected suppliers.
“Last year, ransomware attacks cost organizations globally an estimated $57 billion, and this already eye-watering figure is expected to jump to $275 billion by 2031.”
The alignment gap
Traditionally, responsibility for cyber resilience sat with the security team. Weijdema argues that in today’s digitally connected world, ransomware protection and recovery must extend further, yet over half of organizations reported needing a significant overhaul of the alignment between their IT operations and security teams. Focusing recovery planning solely within the security team leads to costly misalignment and extended recovery times. Even if plans exist on paper, the connections between teams fail in practice when only the security team regularly tests and refines them.
The article highlights that the highest direct cost of downtime is lost revenue. The disconnect between teams has a knock-on effect on recovery time and overall cost. To trim the ransomware bill, organizations must ensure that IT, operations, and security teams are aligned and regularly practice coordinated response.
Regulatory pressures
Regulations are already pushing for this change. Weijdema notes that NIS2 and DORA across the EU place increased responsibility for recovery and resilience on senior leadership, not just security teams. This legal impetus adds urgency to the business case for cross-team alignment.
An investment that pays for itself
Aligning ransomware recovery across all relevant business teams is easier said than done, but it is worth the effort. According to Weijdema, you might spend big on best-in-class security and recovery tools, but true resilience depends on how you use them. Coordinated planning and regular testing reduce downtime and associated costs, making the investment in alignment pay for itself.

| Factor | Impact on Cost |
|---|---|
| Immutable backups in place | Avoids ransom payment |
| Downtime duration | Lost revenue per hour |
| Data loss | Permanent business damage |
| Team alignment | Faster recovery, lower cost |

The bottom line: organizations that proactively align their IT and security teams, and practice recovery drills, can significantly reduce the financial toll of ransomware attacks. With regulatory mandates like NIS2 and DORA coming into force, the time to act is now.