Malicious cyberattacks increased exponentially in 2021. A record number of almost 850,000 complaints related to cybersecurity were recorded by Americans last year resulting in close to U.S. $7 billion lost, according to the FBI’s Internet Crime Compliant Center (IC3) .

Among the types of cybercrimes reported to the FBI, ransomware is on the rise and becoming more sophisticated in recent years while remote work and schooling are more prevalent. For those unaware, ransomware is a malicious software (malware) that makes a computer unusable while a cyber criminal holds data hostage until they are paid.

The Cybersecurity & Infrastructure Security Agency (CISA) reports that ransomware tactics and techniques have continued to evolve and become a larger threat.

In response to several high-profile cyberattacks, (ISC)² commissioned a research report, “Ransomware in the C-Suite: What Cybersecurity Leaders Need to Know About What Executives Need to Hear ,” to offer executives and cybersecurity teams recommended actions to bolster ransomware defenses. The report offers five key tips for cybersecurity leaders to consider when discussing ransomware threats with executives. To learn more about the five key tips and what executives want to know about ransomware threats, visit: https://www.isc2.org/Research/Ransomware-Study .

In 2021, 14 out of 16 critical infrastructure sectors considered vital to the United States were victimized with reports of 649 ransomware attacks. The healthcare and public health industry was the hardest hit by ransomware followed by the financial services sector. The IC3 expects that critical infrastructures will continue to be heavily targeted in 2022 and beyond.

A 2021 Trends Report by cybersecurity authorities in the United States, Australia and the United Kingdom recognize ransomware as one of the biggest cyber threats and provide suggested actions to take to protect against ransomware including: updating operating systems and software, implementing user training for awareness of suspicious links, using Remote Desktop Protocol (RDP), having offline backups and using multifactor authentication (MFA).

Education and awareness are the keys to preventing ransomware. To help increase ransomware education and prevention, the (ISC)² Professional Development Institute offers the course Ransomware: Identify, Protect, Detect, Recover . This online course is free for (ISC)² members and associates as part of your member benefits.

Join for free and read what your peers have to say about ransomware as they discuss the latest topics like this on the (ISC)² Community .