One would think that the increasing number of companies conducting cybersecurity training would increase awareness about threats such a phishing and ransomware.
But in spite of increasing efforts to protect critical infrastructure and training employees on cybersecurity protocols, human error still accounts for 74% of total security breaches across industries globally..
According to Verizon, one of the most common methods of exploiting human nature is social engineering.
This refers to manipulating an organization’s sensitive information through techniques such as phishing, in which a hacker persuades a victim to click on a malicious link or attachment.
“Senior leadership represents a growing cybersecurity threat for many organizations,” said Chris Novak, Managing Director of Cybersecurity Consulting at Verizon Business.
“With the growth and increasing sophistication of social engineering, organizations must enhance the protection of their senior leadership now to avoid expensive system intrusions,” he continued.
The report mentioned that the median cost per ransomware incident doubled over the past two years.
95% of ransomware incidents experienced a loss costing between $1 million and $2.25 million.
In 2022, the number of ransomware attacks was greater than in the previous half a decade.
Representing almost a quarter of all breaches (24%), ransomware remains one of the top cyberattack methods.
Social engineering is increasingly being used to impersonate employees of businesses to gain financial benefits, a type of attack known as Business Email Compromise (BEC).
The median amount stolen in BECs has increased over the last couple of years to $50,000.
According to the findings, only 3% of threat actors were motivated by espionage. The other 97% were motivated by financial gains.