Credential theft via email phishing has become a widespread problem, the COVID-19 pandemic has exacerbated the issue. Users often reuse credentials across multiple systems, meaning stolen credentials can be used to break into corporate email systems or other assets, placing both individuals and organizations at growing risk.
29% of corporate security breaches involve the use of stolen credentials.
The profitability of ransomware is flourishing due to the simplicity of its business model and the ease of use of its operating model.
Ransomware can have an overwhelming impact on businesses of all sizes. Personal and corporate data, network share files (hosting sensitive employee data, intellectual property or customer data), and all other valuable content can be taken hostage by ransomware.
The Information Commissioner has the power to issue a monetary penalty for an infringement of the provisions of Part 3 of the Act – Law Enforcement Processing.
The standard maximum amount is £8.7 million or 2% of the total annual worldwide turnover in the preceding financial year, whichever is higher. However, a higher maximum does exist which is £17.5 million or 4% of the total annual worldwide turnover.
Given business is built on trust, it’s easy to see how a Phishing attack can cause business disruption.
The financial cost of remediation, the widespread reputational damage, impacted investor confidence and interruption of critical infrastructure & services, meaning employees are unable to carry out day-to-day tasks are a few examples of the impact to an organisation.