A new survey points to an overconfidence around organization’s preparedness, despite admitting to falling victim to ransomware attacks – in some cases multiple times.
According to Fortinet’s 2023 Global Ransomware Report, the threat of ransomware at face value seems to be of high importance to organizations:
- 80% of cybersecurity leaders said they were “very” or “extremely” concerned about ransomware
- 78% said they are “very” or “extremely” prepared to stop a ransomware attack
- 91% said ransomware was either the “most important” or a top 3 priority
But the data also shows that despite the focus on protecting against attacks and believing they are ready, organizations still fell victim:
- 50% of organizations were a victim of a ransomware attack in the last 12 months
- 67% of orgs were a target of a ransomware attack
- 46% of orgs were targeted by ransomware attacks two or more times
According to Fortinet, phishing remained the top initial attack vector in 56% of the attacks, making it necessary to shore up security around email and the potential malicious content within. Security solutions can assist with malicious attachments and links to a degree (as threat actors work diligently to obfuscate a security solution’s ability to identify content as being malicious in the first place), but it’s inevitably up to the recipient user to spot the unusual nature of the potentially harmful email and discontinue interacting with it – something taught through regular enrollment in security awareness training.