Despite heightened concerns over ransomware, fewer organizations in a Dark Reading survey reported being an actual victim of a ransomware attack over the past year.

Chart showing types of security breaches in organizations in 2021 compared to 2020.

Phishing, malware, and denial-of-service attacks remained the most common causes for data breaches in 2021. Data from Dark Reading’s latest Strategic Security Survey shows that more companies experienced a data breach over the past year due to phishing than any other cause. The percentage of organizations reporting a phishing-related breach is slightly higher in the 2021 survey (53%) than in the 2020 survey (51%). The survey found that malware was the second biggest cause of data breaches over the past year, as 41% of the respondents said they experienced a data breach where malware was the primary vector.

Despite the number of high-profile ransomware attacks over the past year, the number of organizations in the survey that experienced a breach as a result of ransomware was relatively low. Just 13% of organizations in the survey reported a ransomware-related breach in the past 12 months, compared with 17% in the 2020 survey.

Similarly, despite concern about targeted attacks, fewer organizations seem to be dealing with them. Only 15% of respondents identified their organizations as victims of a targeted attack in the past 12 months, compared with 25% in the 2020 survey. While organizations should take steps to defend against ransomware and targeted attacks, the data in the survey underscores the fact that defending against these types of attacks remain challenging for most organizations.

Source: Phishing Remains the Most Common Cause of Data Breaches, Survey Says (