84% of Organizations Experienced Phishing & Ransomware Type Threats in the Past 12 Months

Rhea-AI Summary

Trend Micro's recent research indicates that 50% of US organizations are ineffective against phishing and ransomware threats. The study, conducted by Osterman Research, surveyed 130 cybersecurity professionals from mid-sized and large firms. Key findings include that 72% find it hard to prevent attacks via home networks and only 37% effectively follow best practices. Moreover, 84% of respondents faced at least one security incident, highlighting the urgent need for multi-layered defense strategies. The report outlines essential practices like improved authentication and proactive incident response planning.

Positive

• The report emphasizes the critical need for organizations to adopt multi-layered cybersecurity defenses, benefiting Trend Micro's services.
• Trend Micro's platform, including Vision One, is highlighted as a solution to mitigate risks from phishing and ransomware.

Negative

• 50% of surveyed organizations reported ineffectiveness in combating phishing and ransomware, indicating a significant market challenge.

DALLAS, July 12, 2021 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, published new research revealing that half of US organizations are not effective at countering phishing and ransomware threats.

The findings come from an Osterman Research study commissioned by Trend Micro and compiled from interviews with 130 cybersecurity professionals in mid-sized and large organizations.

A full copy of the report, How to Reduce the Risk of Phishing and Ransomware, is available here: https://resources.trendmicro.com/rs/945-CXD-062/images/Reduce-Phishing-Ransomware_Trend-Micro.pdf

"Phishing and ransomware were already critical enterprise security risks even before the pandemic hit and, as this report shows, the advent of mass remote working has increased the pressure of these threats," said Joy Clay, vice president of threat intelligence for Trend Micro. "Organizations need multi-layered defenses in place to mitigate these risks. These range from phishing simulations to advanced threat detection and response platforms like Trend Micro Vision One, which alert security teams before attackers can make an impact."

The study asked respondents to rate their effectiveness in 17 key best practice areas related to ransomware and phishing, ranging from protecting endpoints from malware infection to ensuring prompt patching of all systems.

Key takeaways from the report include:

• 50% rated themselves ineffective overall at tackling phishing and ransomware.
• 72% consider themselves ineffective at preventing home infrastructure from being a conduit for attacks on corporate networks.
• Only 37% believed they were highly effective at following 11 or more of the highlighted best practices.

The report further split the threat landscape into 17 types of security incident and found 84% of respondents had experienced at least one of these—highlighting the prevalence of phishing and ransomware. Most common were successful:

• Business email compromise (BEC) attack - 53%
• Phishing messages resulting in malware infection - 49%
• Account compromise - 47%

Phishing remains among the top vectors for threat actors. Although it can be the first stage in a ransomware attack, it's also used in BEC raids, or to infect victims with malware including info-stealers, banking trojans, spyware, crypto-miners, and more.

Ransomware has become a modern epidemic, hitting government, hospitals, schools and private enterprises and any other targets deemed vulnerable to extortion and capable of paying. It results most often in both data loss and potential serious IT service outages.

The security issues flagged by respondents as most concerning were:

• 65% phishing attempts landing in user inboxes
• 65% users clicking on phishing links or opening attachments
• 61% data theft via ransomware actors

The report also contains a trove of useful information for organizations including typical attack TTPs, effective mitigations and capabilities to look out for in commercial cybersecurity solutions.

High success rates for both phishing and ransomware campaigns mean both are likely to intensify over the coming years. The report recommends that organizations embrace the following best practices to mitigate cyber-risk:

• Focus on root causes of compromise using a risk-based approach to address the most damaging threats
• Improve authentication via use of password managers, tweaking policies, monitoring for credential breaches and even using passwordless authentication
• Take a people, process and technology approach including user training, incident response processes and technology like Vision One to detect and respond to threats early on
• Don't wait for a breach before developing an incident response plan. Reach out to law enforcement, managed services providers, your security vendors, and other key stakeholders now

About Trend Micro
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world. TrendMicro.com.

 

View original content to download multimedia:https://www.prnewswire.com/news-releases/84-of-organizations-experienced-phishing--ransomware-type-threats-in-the-past-12-months-301331071.html

SOURCE Trend Micro Incorporated

FAQ

What does Trend Micro's recent report reveal about cybersecurity effectiveness?

The report reveals that 50% of US organizations find themselves ineffective against phishing and ransomware threats.

How many organizations experienced phishing or ransomware attacks according to Trend Micro?

According to the report, 84% of organizations experienced at least one type of phishing or ransomware-related incident.

What are the main security concerns highlighted in the Trend Micro report?

The report highlights concerns such as phishing emails landing in inboxes and users clicking on malicious links.

What best practices does Trend Micro recommend for organizations?

Best practices include focusing on root causes of compromise, improving authentication, and developing incident response plans.

When was the Trend Micro report published?

The report was published on July 12, 2021.

What company conducted the cybersecurity research mentioned in the report?

The research was conducted by Trend Micro in collaboration with Osterman Research.

What percentage of organizations believe they are ineffective at preventing home infrastructure attacks?

72% of organizations consider themselves ineffective at preventing home infrastructure from becoming a conduit for attacks.