Rethinking Ransomware Payments: A Fool's Choice

People Remain the Weakest Link in an Organization’s Cybersecurity Defenses


Jeff McCulloch
Jeff McCulloch President Technology

Print Friendly, PDF & Email

The Verizon Business 2022 Data Breach Investigations Report (2022 DBIR) examines an unprecedented year in cybersecurity history and sheds light on some of the leading issues affecting the cybersecurity landscape. 

Of particular concern is the rise in ransomware breaches, which increased by 13 percent in a single year – representing a jump greater than the past five years combined. As criminals look to leverage increasingly sophisticated forms of malware, ransomware continues to prove particularly successful in exploiting and monetizing illegal access to private information.

Where once threat groups would use ransomware to encrypt a victim’s data and refuse to release the decryption keys unless the ransom was paid, they now are getting deeper into extortion. This includes exfiltrating the data and threatening to release it publicly, wiping storage drives clean unless demands are met, or going after a victim’s customers.

Organized crime also continues to be a pervasive force in cybersecurity. Roughly 4 in 5 breaches can be attributed to organized crime – with external actors approximately four times more likely to cause breaches in an organization than internal actors.

Heightened geopolitical tensions also drive increased sophistication, visibility, and awareness around nation-state affiliated cyberattacks.

In a finding that exposes the cost of human influence, people remain – by far – the weakest link in an organization’s cybersecurity defenses. Twenty-five percent of total breaches in the 2022 report resulted from social engineering attacks. When you add human errors and misuse of privilege, the human element accounts for 82 percent of analyzed breaches over the past year.

In today’s day and age, security awareness training is a vital tool to educate employees and build a human firewall capable of decreasing the chances of human error and preventing cyberattacks. Interested in learning more about our security awareness training solutions? Contact Yeo & Yeo Technology.


Want To Learn More?

Connect with one of our professionals today.