Security Awareness Training – Ransomware

June 26, 2025

One Click Is All It Takes

A single click on a phishing link. A password change request that didn’t feel quite right. A forgotten remote desktop login. That’s all it takes for ransomware to slip in and start locking down systems—and businesses.

Why Ransomware Is Still a Threat

Despite increased awareness, ransomware attacks are more sophisticated than ever. Attackers no longer just encrypt data—they steal it, threaten to leak it, and often return for a second round once they know a company is willing to pay. The targets are often smaller organizations, schools, hospitals, and infrastructure providers—groups that can’t afford extended downtime and are more likely to pay.

From the Colonial Pipeline to a rural Illinois hospital that shut its doors, the consequences are severe. And with ransomware-as-a-service models now in play, the barrier to entry for attackers is frighteningly low.

How It Gets In

Ransomware typically enters through familiar doors:

  • Phishing emails
  • Malicious websites and drive-by downloads
  • Exposed remote desktop (RDP) connections with weak credentials
  • Vulnerabilities in third-party software or supply chains

Even well-meaning employees can accidentally open the door by responding to convincing messages that appear to come from internal systems, like password reset requests over Teams.

What Organizations Can Do

The good news is there’s a lot we can do to stay ahead of these attacks. In our recent security training, Paula Biggs emphasized some key protective steps:

  • Think before you click—especially on unexpected links or login prompts
  • Use strong, unique passwords (and a password manager)
  • Keep software patched across all devices and platforms
  • Back up data in multiple places, including offsite backups
  • Segment your network to limit access and damage
  • Invest in endpoint protection and monitor your network 24/7
  • Train your team regularly—awareness is still your first line of defense

Be Ready Before It Happens

If you’re not sure how your organization would respond to a ransomware incident, now is the time to create or revisit your incident response plan. CISA.gov offers a helpful outline; whatever template you start from, your plan should include clear steps for isolating affected systems, preserving forensic evidence, notifying internal stakeholders, and communicating with law enforcement.

And while it’s tempting to think of paying the ransom as a shortcut to recovery, the reality is more complicated. You may not get your data back, and you may unknowingly be paying an entity that puts your organization at legal risk. Even worse, paying once can make you a target again.

Final Thoughts

Ransomware isn’t going away, but it doesn’t have to shut you down. With smart planning, consistent training, and a few basic controls, you can significantly reduce your risk—and your downtime.

If you’d like support evaluating your organization’s readiness or building a practical prevention plan, we’re here to help. Reach out any time.



Hotman Group, LLC

Fort Worth, TX
