Ponemon Institute is pleased to present the results of The 2021 Cost of Phishing Study sponsored by Proofpoint. Initially conducted in 2015, the purpose of this research is to understand the risk and financial consequences of phishing. For the first time in this year’s study, we look at the threats and costs created by business email compromise (BEC), identity credentialing and ransomware in the workplace.
Cyber risk is now a regular board meeting topic. Even with this increased awareness, it’s a struggle to communicate security and risk metrics in a way that resonates with the business. Technical data isn’t made to directly communicate the impact against revenue, brand, and financial risks that the company cares about.
Many organizations still depend on spreadsheet- and email-based processes, resulting in errors. To add to this, there are mounting costs and fatigue in meeting certification and reporting requirements because of repeated requests for similar information by the IT Risk and Compliance teams. Organizations are spending too much time on maintaining checklists and audit requirements and not enough time on forward-looking activity, resulting in a lack of clarity for senior executives on cyber risk and investment priorities.
Looking back over recent years, ransomware has been an ongoing security threat for companies around the world. Digital transformation has accelerated — largely due to the rise in remote work resulting from the COVID-19 pandemic. Unfortunately, as companies went increasingly digital, a new opportunity emerged for cyber criminals to maximize profit by exploiting this new reality.
Most organizations struggle with how to manage the enormous volumes of information they have today, but the problem is going to become much more difficult in the future as both the number of new data types and the volume of data increase.