Many businesses offer cybersecurity training to their employees, but lessons rarely touch on the most common attack type: ransomware. This is according to a new report from enterprise identity management company Entrust.
Surveying 1,500 leaders and 1,500 workers from large organizations around the world, Entrust discovered that many organizations amped up their training efforts due to the Covid-19 pandemic.
The vast majority (81 percent) of bosses said their company offered cybersecurity training for their remote workers, while almost all (94 percent) said it positively affected their organization’s security posture.
However, training initiatives tackled general issues, not specific threats like ransomware and phishing. Three-quarters (74 percent) of leaders and employees said the training they received taught personal best practices for security of company data, but just half (52 percent) were trained on phishing. Less than a third (31 percent), meanwhile, received training on ransomware.
Today, ransomware is one of the most popular and devastating types of cyberattacks. The encryption of data and the ransom demand are often followed up with DDoS attacks and telephone intimidation, in order to persuade the target to pay up.
Ever since cybercrime groups targeted Colonial Pipeline and JBS Foods, national and international law enforcement agencies have started a major global crackdown against ransomware operators, successfully shutting down multiple major players, such as DarkSide. However, many threat actors remain.