Fully 53 percent of U.S. state and local governments and educational organizations lack a ransomware recovery plan, according to survey results gathered by Palo Alto Networks and the Center for Digital Government (CDG).The figure reinforces the gaping disconnect between government organizations and schools -- and the potential fallout from ransomware attacks. Ill-prepared organizations often pay millions of dollars to restore data and rebuild networks after a ransomware attack. Example victims include:The City of New Orleans ($7 million in damages from ransomware attack); Atlanta ($17 million); and Baltimore (at least $6 million). More than 90 percent of respondents with a plan are confident their organization could survive a ransomware attack, while only 56 percent of those without a plan share that confidence. 79 percent disagreed with the statement that ransomware will subside significantly over the next 12 to 18 months. Over 75 percent expressed confidence in their organization's ability to prevent compromise via common attack vectors. At least 67 percent said they need to make additional investments to respond effectively to ransomware attacks. 31 percent have a completed incident response plan for ransomware, and 22 percent did not know if they had made such preparations. Ransomware-as-a-service and various sophisticated technologies are making it easier than ever to execute ransomware attacks, Palo Alto Networks indicated. As such, ransomware attacks look poised to increase in severity and volume in the foreseeable future, and state, local and educational organizations must plan accordingly.