Phishing Remains the Most Common Cause of Data Breaches

Despite heightened concerns over ransomware, fewer organizations in a Dark Reading survey reported being an actual victim of a ransomware attack over the past year.

Phishing, malware, and denial-of-service attacks remained the most common causes for data breaches in 2021. Data from Dark Reading’s latest Strategic Security Survey shows that more companies experienced a data breach over the past year because of phishing than any other cause. The percentage of organizations reporting a phishing-related breach is slightly higher in the 2021 survey (53%) than in the 2020 survey (51%). The survey found that malware was the second biggest cause of data breaches over the past year, as 41% of the respondents said they experienced a data breach where malware was the primary vector.

Even though there have been a number of high-profile ransomware attacks over the past year, the number of organizations in the survey who experienced a breach as a result of ransomware is relatively low. Just 13% of organizations in the survey reported a ransomware-related breach in the past 12 months, compared to 17% in the 2020 survey.

Similarly, even though there is a lot of concern about targeted attacks, fewer organizations seem to be dealing with them. Only 15% of respondents identify their organizations as victims of a targeted attack in the past 12 months, compared to 25% in the 2020 survey. While organizations should take steps to defend against ransomware and targeted attacks, the data in the survey underscores the fact that defending against these types of attacks remain challenging for most organizations.

By DarkReading