blog post
The Year of Ransomware
2022 is set to be the year of ransomware.
Keeper Security surveyed 2,000 employers across the U.S. who had suffered a ransomware attack in the previous 12 months.
One-third of Employees are Lacking in Training
They found that nearly one-third of employees lacked adequate cybersecurity training prior to the attack, phishing emails caused 42% of ransomware attacks, malicious websites accounted for another 23%, and compromised passwords caused 21%.
Yet 29% of respondents told Keeper they didn’t know what ransomware was prior to their employers being victimized.
While skyrocketing ransom demands are forcing organizations to make tough choices, it is often the indirect costs that are even more severe.
Devastating Effects
Following a ransomware attack, 77% of respondents were unable to access systems or networks, 28% of outages lasted for a week or longer, and a whopping 83% installed new software or made other major updates.
In most cases, rolling out these changes further damaged productivity and added to the tally of indirect recovery costs; 71% of respondents said they had lost login credentials or documents, 38% reported experiencing program or application glitches, 33% faced a steep learning curve on new protocols, 40% lost time to frequent computer restarts and updates, and 43% had to keep logging into programs/accounts (vs. staying logged in continuously).
Moreover, due to fear of negative reputational impact, 26% disclosed the attack only to partners and customers (not the general public), while 15% didn’t tell anyone. This unreported 41% of ransomware attacks makes the threat far more pervasive than anyone realizes.
Perhaps the most severe impact of all of this is that 63% of employees reported that the attack caused them to personally lose trust in their organization.
The CyberEd.io Solution
This is why CyberEd.io has made such a thorough and comprehensive examination of security awareness training and identified the 3 primary areas that when fixed, will reverse the course of human error sourcing over 85% of all cyberattacks.
1. C-suite and Board-level commitment
2. Frequency and engagement of learning curriculum
3. Managed service delivery
Over the course of the next 3 months, we will show you exactly how this works and what it would look like in your organizations.
In the meantime, sign up, get early updates and be part of the solution alongside our development team. Follow us on LinkedIn and Twitter to show your support.
Author
Steve King
Managing Director, CyberEd.io
King, an experienced cybersecurity professional, has served in senior leadership roles in technology development for the past 20 years. He has founded nine startups, including Endymion Systems and seeCommerce. He has held leadership roles in marketing and product development, operating as CEO, CTO and CISO for several startups, including Netswitch Technology Management. He also served as CIO for Memorex and was the co-founder of the Cambridge Systems Group.