ENISA Report: Threat Landscape for Ransomware AttacksIfigeneia Lella of ENISA Calls Out Major Gaps in Incident Reporting
The European Union Agency for Cybersecurity recently published its "Threat Landscape for Ransomware Attacks" report, which analyzes 623 ransomware incidents in the EU, U.K. and United States from May 2021 to June 2022. ENISA cybersecurity officer Ifigeneia Lella describes how the attacks and attackers have adapted and evolved over that time.
One concern from the findings is the lack of reliable data from targeted organizations to fully understand the ransomware problem or even know how many cases there are. Of the 623 incidents studied, it was not reported how the threat actors gained initial access in 594 of them, which is an overwhelming 95.3%.
Lella is hopeful that the arrival of the revised Network and Information Security Directive 2 in the EU and the enhanced notification provisions for security incidents will support a better understanding of relevant incidents.
In a video interview with Information Security Media Group, Lella discusses:
- Highlights from ENISA's latest research;
- Strategies that businesses can use to better protect against ransomware attacks;
- How ENISA is exploring ways to improve the reporting of cyber incidents.
Lella, who joined ENISA in 2016, has led the Threat Landscape initiative since 2021. Previously, she was a security engineer at the European Central Bank, where she was in charge of identity management projects. She has also served as an information security officer within the SOC team of the Hellenic Telecommunication Organization.