Phishing and ransomware are serious problems that can steal or disable access to corporate or personal finances, sensitive employee data, patient data, intellectual property, employee files and other valuable content. Both ransomware and phishing attacks and their variants – spearphishing/whaling and CEO Fraud/Business Email Compromise (BEC) – are increasingly common and are having devastating impacts on businesses of all sizes. The financial impact of cybercrime in general – and phishing and ransomware in particular – is hard to assess for a variety of reasons, but the FBI estimates that ransomware alone cost organizations $209 million in just the first three months of 2016i.

Phishing and ransomware are critical problems that every organization must address and through a variety of means: user education, security solutions, vulnerability analysis, threat intelligence, good backup processes, and even common sense. The good news is that there is much that organizations can do to protect themselves, their data, their employees and their customers.


This survey report presents the results of a primary market research survey conducted with members of the Osterman Research survey panel during August 2016.