by Matt Barkett

April 27, 2022

About a year ago I wrote a blog about ransomware, which remains the most common type of data security incident today. Often referred to as a cyber-attack, bad actors from around the globe are becoming increasingly bold in their infiltration of IT infrastructure at organizations of all sizes and in all industries.

I referenced law firm BakerHostetler’s Data Security Incident Response Report in last year’s blog and when the 2022 report titled “Digital Assets and Data Management – Resilience and Perseverance” was released last week I thought it would again form the basis for brief commentary on this ever-evolving issue.

Key findings from the report include:

  • Ransomware remained the most prevalent and impactful type of data security incident. Threat actors continue to evolve tactics to increase extortion leverage, such as using publication countdown timers and contacting employees and customers directly to pressure the company to pay.
  • The pandemic, technology strategy and business continuity advantages are driving increased use of cloud assets, which also changes the risk landscape and makes additional security measures, like asset management and access controls, increasingly important.
  • E-crime continued, including a surge of wire fraud precipitated by gaining access to email accounts. There are concerns about e-crime actors supporting state entities as a result of the Russia/Ukraine war.

I found the commentary to be about as you would predict because virtually everyone I know – and several of our clients – have been impacted by a data security incident. However, the references to the Ukraine war and the potential for Russian cyber criminals playing a larger role in creating global chaos were particularly troubling. To me, that just reinforces that no one is immune and the risks are just growing incrementally.

Specific to ransomware, there have been some interesting developments year-over-year that surprised me. In aggregate, ransomware incidents were up 10 percent but ransom amounts paid were actually down 30 percent. This fact was attributed to better business continuity practices where organizations that took time to prepare and invest in cyber security were more likely to restore their systems from backups and had to pay less to get any compromised data unlocked.

The report again concludes with a reminder that advance preparation, substantive investment in IT security and proper insurance coverage are critical to minimizing the impact of a data security incident. On the communications side, having qualified PR counsel to work alongside skilled attorneys is another key resource.

Want to talk about your cyber communications preparedness? Email me at