Impact of Staffing Reductions on Ransomware Risk

This technical report discusses the relationship between staffing reductions and the increased risk of ransomware attacks, particularly during weekends and holidays. It outlines findings from Semperis' 2025 Ransomware Holiday Risk Report, which surveyed nearly 1,000 organizations. The report reveals that approximately 60% of ransomware attacks occurred during times of reduced security staffing, highlighting a significant vulnerability. The report emphasizes the need for organizations to maintain adequate staffing levels during off-peak times to enhance detection and response capabilities. Jim Doggett, CISO at Semperis, shares insights on how mergers and acquisitions can create new entry points for ransomware and the importance of having a robust incident response plan. The report also addresses the common misconception that detection is sufficient, stressing the necessity for organizations to focus equally on effective response strategies. Overall, the report serves as a call to action for organizations to reassess their staffing models and incident response protocols to mitigate ransomware risks.