Trend Micro: 84% of U.S. Organizations Hit with Ransomware, Phishing

Many organizations report limited use of AI and machine learning to fight off attacks.

Edward Gately, Senior News Editor

July 12, 2021

3 Min Read
human error

A new Trend Micro study shows half of U.S. organizations can’t successfully counter ransomware and phishing threats.

The findings come from an  Osterman Research study commissioned by Trend Micro. Osterman compiled the study from interviews with 130 cybersecurity professionals in midsize and large organizations.

The study asked respondents to rate their effectiveness in 17 key best practice areas related to ransomware and phishing. Those ranged from protecting endpoints from malware infection to ensuring prompt patching of all systems.

Key Takeaways

Key takeaways from the report include:

  • One-half (50%) rated themselves ineffective overall at tackling phishing and ransomware.

  • Seventy-two percent consider themselves ineffective at preventing home infrastructure from being a conduit for attacks on corporate networks.

  • Only 37% believed they were highly effective at following 11 or more of the highlighted best practices.

Jon Clay is vice president of threat intelligence at Trend Micro. He said most surprising is the low organizational effectiveness of detecting these threats.


Trend Micro’s Jon Clay

“I’d like to see this higher in the future, which translates to organizations really looking at their existing people, process and technology (PPT) capabilities in defending against phishing and ransomware,” he said.

Many organizations still have limited use of artificial intelligence (AI) and machine learning (ML) in protecting themselves, Clay said.

“The current usage of AI/ML is quite low, and yet the industry has shown that utilizing these technologies to detect both phishing and ransomware is very effective,” he said.

Most Successful Attacks

The most common successful attacks were:

  • Business email compromise (BEC) (53%).

  • Phishing messages resulting in malware infection (49%).

  • Account compromise (47%).

The security issues flagged by respondents as most concerning were: phishing attempts landing in user inboxes (65%); users clicking on phishing links or opening attachments (65%); and data theft via ransomware actors (61%).

High success rates for both phishing and ransomware campaigns mean both are likely to intensify over the coming years, according to Trend Micro.

There’s no question that highly publicized attacks like Colonial Pipeline, JBS USA and Kaseya help build awareness to all organizations around the world, Clay said.

“The response from the U.S. government in elevating ransomware in line with a terrorist attack will hopefully build more urgency for public and private organizations to take action and build better security frameworks,” he said.

MSPs, MSSPs Can Help Organizations

MSPs can help businesses that are struggling with the PPT aspect of building a more secure infrastructure, Clay said.

“MSSPs bring improved PPT for a business and can help them out by bringing more people who are highly trained in cybersecurity, improved processes for managing the security solutions, and improved technology as they will implement the latest and greatest solutions and keep them up to date with the latest patches needed to stay secure,” he said.

Trend Micro recommends organizations:

  • Focus on root causes of compromise using a risk-based approach to address the most damaging threats.

  • Improve authentication via use of password managers, tweaking policies, monitoring for credential breaches, and even using passwordless authentication.

  • Take a PPT approach including user training, incident response processes and technology to detect and respond to threats early on.

  • Don’t wait for a breach before developing an incident response plan. Reach out to law enforcement, MSPs, your security vendors, and other key stakeholders now.

Read more about:

MSPsChannel Research

About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like