New Report on Phishing and Ransomware Helps Prepare You for the Fight

With ransomware ripening into a $1-billion-a-year crime and unbidden adversaries erecting massively coordinated service models to act upon their extortion plots, you're justified to be feeling a tad unsettled these days about your employees opening their inboxes.

In fact, we are beginning to learn just how hand in hand email and ransomware go: According to one report, 93 percent of phishing messages contain the nasty threat. A comprehensive new white paper from Osterman Research and sponsored by Trustwave helps dissect this connection, quantifies the scale of the threat, furnishes predictions for the future and - most importantly of all - offers useful guidance for businesses to defend themselves against incidents involving phishing and ransomware.

IT and security professionals don't have to look very far to be bombarded by news about ransomware and other timely threats, including CEO fraud. This report, based on a survey of 162 IT and security leaders, neatly condenses the risks and helps makes sense of them, while offering legitimately practical best practice advice for your organizations.

Here and some of the key findings from the paper:

  • Both phishing and crypto ransomware are increasing at the rate of several hundred percent per quarter, a trend that Osterman Research believes will continue for at least the next 18 to 24 months.
  • The vast majority of organizations have been victimized by phishing, ransomware and a variety of security-related attacks during the past 12 months.
  • Security spending will increase significantly in 2017 as organizations realize they need to protect against phishing, ransomware and the growing variety of other threats they face.
  • There are a variety of best practices (listed in the report) that organizations should follow in order to minimize their potential for becoming victims of phishing and ransomware.

Dan Kaplan is manager of online content at Trustwave.

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.