84% of organizations experienced phishing or ransomware attacks in the last year

New research finds half of US firms are not effective in countering cyber threats

A new report from Trend Micro has found that 84% of US organizations have reported phishing or ransomware security incidents in the last 12 months.

The findings come from an Osterman Research study commissioned by Trend Micro that was compiled from interviews with cyber security professionals in midsize and large organizations nationwide. The research also found that half of US organizations are not effective at countering phishing and ransomware threats.

The report further split the threat landscape into 17 types of security incidents and found 84% of respondents had experienced at least one of them, highlighting the prevalence of phishing and ransomware. Most common were successful business email compromise (BEC) attacks (53%), phishing messages resulting in malware infections (49%), and account compromise (47%).

Of 17 types of threats, 37% of organizations believed they were highly effective at counteracting 11 or more of the phishing and ransomware threats. This increased to 63% of organizations who believed they were highly effective at countering 10 or fewer of the threats.

Only 16% of organizations reported no security incident types related to phishing and ransomware in the past 12 months. In other words, it is a widespread problem for most organizations.

The report found that 72% of organizations consider themselves ineffective at preventing home infrastructure from being a conduit for attacks on corporate networks. 

Related Resource

The secure cloud configuration imperative

The central role of cloud security posture management

The secure cloud configuration imperativeDownload now

Survey respondents indicated high concern levels with several ransomware-related threats. Researchers said respondents were more concerned with a ransomware attack happening than their ability to clean up after a ransomware attack. 

Not being able to prevent an attack is, on average, a high concern to 55% of respondents. The post-attack concerns, such as brand reputation impacts and the ability to recover corporate data are high concerns to 48% of respondents.

Artificial intelligence (AI) and machine learning (ML) security technologies offer the prospect of greater capabilities to detect, triage, and mitigate security threats and to prioritize high-impact incidents for security analyst investigation. 

The research found that respondents reported a mismatch between current and preferred patterns of AI/ML usage — respondents wanted much more use of AI/ML than currently deployed. Around 77% of respondents said AI/ML is currently used to some extent or less, with the “to some extent” making up almost half.

Another 92% of respondents would prefer that AI/ML was used to some extent or more. Of the total, 47% wanted AI/ML used often or continually, but only 14% say this currently the situation.

"Phishing and ransomware were already critical enterprise security risks even before the pandemic hit and, as this report shows, the advent of mass remote working has increased the pressure of these threats," said Joy Clay, vice president of threat intelligence for Trend Micro. "Organizations need multi-layered defenses in place to mitigate these risks.”

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Chipotle’s marketing email hacked to send phishing emails
phishing

Chipotle’s marketing email hacked to send phishing emails

29 Jul 2021
Dark web ads offering access to corporate networks increase sevenfold
hacking

Dark web ads offering access to corporate networks increase sevenfold

28 Jul 2021
Number of hacking tools increasing as cyber criminals become more organized
hacking

Number of hacking tools increasing as cyber criminals become more organized

28 Jul 2021
Criminals target Discord to spread malware
live chat

Criminals target Discord to spread malware

26 Jul 2021

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
The benefits of workload optimisation
Sponsored

The benefits of workload optimisation

16 Jul 2021