One-third of organizations experience a ransomware attack at least once a week, with nearly 10% experiencing them more than once a day.

The “2022 Impacts: Ransomware attacks and preparedness” report released by Menlo Security and conducted by SAPIO Research surveyed 505 information technology (IT) security decision makers at U.S. and U.K. organizations with more than 1,000 employees to determine the extent of ransomware targeting enterprise organizations and the impact this is having on security professionals’ own wellbeing.

Cybersecurity teams' top concerns

When asked what keeps cybersecurity teams awake at night, 41% of respondents say they worry about ransomware attacks evolving beyond their team’s knowledge and skillset, while 39% worry about them evolving beyond their company’s security capabilities.

Their biggest concern, however, is the risk of employees ignoring corporate security advice and clicking on links or attachments containing malware (46%). Respondents worry more about this than they do their own job security, with a quarter (26%) of respondents worried about losing their job.

Ransomware attack vectors

According to the report, around half of organizations have been the victim of a successful ransomware attack in the last 18 months, with users and prospective users the most likely entry point for an attack. Partners/suppliers and employees/contractors are also seen as serious security risks, although one in 10 enterprise security professionals say they are unable to identify how the attacks got in. The top three known ransomware attack vectors are email (54%), web browsers via a desktop or laptop (49%) and mobile devices (39%).

For more report findings, click here.