I don't think there is a reasonable correlation, since stopping ransomware doesn't require that much of an increase in spending; it's a culture thing more than a money thing.
Moving security tickets to the top of the stack is absolutely a money thing. Training is a money thing. Exchanging velocity for security is a money thing. Changing culture takes money.
All senior leaders need to visibly spend time on areas of cultural focus. Employees will ignore an email from some random IT department middle manager. But if they see C-suite executives putting sustained effort into something then they'll pick up on that and start to do likewise.