As intelligence chiefs around the world declare war on ransomware, training and individual responsibility provide crucial protection, says Questionmark

October 19, 2021 — Intelligence leaders at America’s National Security Agency1 and the UK’s National Cyber Security Centre (NCSC)2 have declared ransomware the top cybersecurity threat in 2021.

Questionmark, the online assessment provider, says it is time to end the era of internet ignorance, and tackle the growing ransomware threat through staff assessments and training.

Research shows, when it comes to cybersecurity, the weak link in the chain is human decision-making. A recent study found the overwhelming majority (79 percent) of employees engaged in at least one risky activity in the past year. Only one in six (16 percent) felt their organization is at very high risk of cybersecurity attack.3

In stark contrast, the cyber threat could not be more real. IT security professionals in one paper revealed that almost nine out of 10 (88 percent) felt the threat of ransomware was a concern, and one in three (35 percent) said their organization had already been a victim.4 The cost of such attacks is also on the rise: it has been estimated that ransomware attacks in education cost on average $2.73 million, ahead of financial services attacks at $2m and healthcare at $1.3m.5

John Kleeman, Founder of Questionmark, said: “This has been the year of ransomware, with major stories dominating the press from the start. The common factor in most ransomware attacks is they originate with an often very simple human error, such as an insecure password or a member of staff downloading material from email or the internet. Senior leaders can use assessment tools to gauge cyber hygiene across the organization and design training to end the era of internet ignorance.”

With the Questionmarkplatform, employers can create assessments that test the cybersecurity knowledge of their workers. These tests can measure the extent to which team members understand relevant organizational security policies. Leaders can be confident that their people know what is expected of them.

The Questionmark Cybersecurity for Home-Based Workers assessment is a ready-made test that enables employers to measure the level of cybersecurity awareness across the workforce.

Where the test identifies problems, employers can introduce training to address them. Further assessments can check that the training has worked.

https://www.questionmark.com/platform-services/cybersecurity-for-home-based-workers

About Questionmark

Questionmark unlocks performance through reliable and secure online assessments.

Questionmark provides a secure enterprise-grade assessment platform and professional services to leading organizations around the world, delivered with care and unequalled expertise. Its full-service online assessment tool and professional services help customers to improve their performance and meet their compliance requirements. Questionmark enables organizations to unlock their potential by delivering assessments which are valid, reliable, fair and defensible.

Questionmark offers secure powerful integration with other LMS, LRS and proctoring services making it easy to bring everything together in one place. Questionmark’s cloud-based assessment management platform offers rapid deployment, scalability for high-volume test delivery, 24/7 support, and the peace-of-mind of secure, audited U.S., Australian and European-based data centers.


[1] https://www.nextgov.com/cybersecurity/2021/10/nsa-cyber-chief-spells-out-near-term-priorities/185908/

[2] https://www.bbc.co.uk/news/uk-58877433

[3] https://thycotic.com/resources/global-cyber-security-research-results-2021/

[4] https://blog.barracuda.com/wp-content/uploads/2018/06/EmailSecurityTrends_Global.pdf

[5] https://www.sophos.com/en-us/medialibrary/pdfs/whitepaper/sophos-state-of-ransomware-in-education-2021-wp.pdf