Common Cybersecurity and Data Privacy Facing Organizations Today

Posted on July 31, 2025 by LeadingAge Minnesota

With the average data breach costing organizations $4.88 million, we must be aware of the leading cybersecurity threats.

These threats include:

Ransomware and malware

Ransomware has become a prominent cyber threat in the digital landscape, where attackers encrypt a victim’s files and demand payment, typically in cryptocurrency, in exchange for restoring access. This can lead to substantial financial and operational disruptions.

Beyond a ransomware attack, various forms of malware—including viruses, worms, trojans, and spyware—continue to emerge. These malicious programs are designed to infiltrate systems, steal sensitive information, disrupt operations, or even cause irreparable damage to critical infrastructure.

Advanced persistent threats

Advanced persistent threats are prolonged, targeted assaults that allow intruders to infiltrate a network, often remaining undetected for months or even years. During this time, they gather intelligence, steal sensitive data, or lay the groundwork for more significant disruptions. Advanced persistent threats are typically organized by well-funded, highly skilled cybercriminals, such as nation-states or organized crime groups, aiming to achieve strategic objectives.

The covert nature of these attacks highlights the need for continuous monitoring, advanced detection systems, and a comprehensive response plan for cyber incidents.

Artificial intelligence

While the use of AI systems has introduced advancements, it has also created unintended risks. One of the primary concerns is the exposure of sensitive information through large language models (LLMs). These models, trained on massive datasets, can sometimes reveal proprietary or confidential data that was never intended for public release.

Cybercriminals exploit AI’s capabilities, particularly in evolving phishing schemes and business email compromises. By leveraging AI, attackers can create more convincing and sophisticated deception tactics, making it difficult for users to discern between legitimate and malicious communications.  

How to mitigate cyber risks

To effectively mitigate cyber risks, organizations must adopt a multifaceted approach that includes advanced technology, proactive measures, and well-coordinated response strategies. One powerful cyber risk management tool is predictive analytics, which leverages AI applications to assess and interpret workforce behavior and performance.

By using this data, organizations can identify potential vulnerabilities, such as insufficient technology training or unsafe digital habits, allowing them to address these issues before they lead to breaches. Predictive analytics also helps to pinpoint the additional training needs of employees, enhancing their ability to navigate technology securely and prevent inadvertent risks.

Equally important is maintaining strong cyber hygiene within an organization. This starts with robust patch and vulnerability management programs, where patches—updates released by software vendors to fix security flaws—ensure that all systems are up-to-date and free from exploitable weaknesses. Additionally, business leaders should implement secured and encrypted backups to safeguard their data against potential threats, such as a ransomware attack.

Coupled with these technical measures, regular employee training and awareness programs play a critical role. By educating staff on the latest cybersecurity threats and best practices, companies can foster a culture of vigilance and responsibility, significantly reducing the chances of human error leading to security breaches.

In the event of a cyber incident, a well-structured incident response plan is crucial.

What’s included in an incident response plan?

A formal incident response plan is a written document that helps an organization before, during, and after a cybersecurity incident.  The document should note the following elements:

• Communication plan: How to communicate internally and externally during an incident
• Containment procedures: How to limit the damage of an event, like isolating systems or disabling network connections
• Eradication procedures: How to remove all traces of the security threat, such as disabling user accounts or deleting malware
• Incident response framework: The organization’s approach to incident response, which includes preparation, detection, containment, eradication, recovery, and post-incident activities
• Key performance indicators: A way to measure a response plan’s effectiveness
• Post-incident improvements: Ways the organization can learn from the incident and prevent similar problems in the future
• Recovery procedures: How to restore normal operations, including restoring from backups or rebuilding systems
• Roles and responsibilities: A clear definition of who is responsible for what

Cybersecurity best practices

Regular software updates and patch management

One of the simplest yet most effective defenses against cyberattacks is keeping all software, applications, and operating systems up to date. Cybercriminals often exploit vulnerabilities in outdated software, so establishing a regular patch management schedule ensures that these weaknesses are addressed as soon as possible. Automated patching solutions can further streamline this process.

Multi-factor authentication

This adds a layer of protection by requiring two or more verification methods before granting access to accounts or systems. This practice helps secure accounts even if login credentials are compromised, making it significantly harder for unauthorized users to gain access.

Strong password policies

Encourage the use of complex, unique passwords for all accounts and systems, and implement policies that require regular password updates. Password management tools can help employees securely store and manage their credentials without relying on easily guessed passwords.

Data encryption

Encrypt sensitive data both at rest and in transit to protect it from unauthorized access or theft. Whether stored in databases, shared over networks, or kept in cloud environments, encryption adds a critical layer of security to ensure that even if data is intercepted, it remains unreadable.

Network security

Use firewalls, intrusion detection systems, and intrusion prevention systems to monitor and protect the network from unauthorized traffic and malicious activity. Segmenting networks can also help prevent attackers from moving laterally through the system once they gain access.

Security audits and assessments

Regularly conducting security audits and vulnerability assessments helps identify weaknesses in systems, processes, and controls. These audits can highlight compliance gaps, reveal potential threats, and offer opportunities for improvement.

How Marsh McLennan Agency can help

By understanding and addressing every potential risk, business leaders can become more resilient to present and future uncertainties. Our team provides guidance on proactive cyber risk management solutions that help you navigate potential cybersecurity threats, preparing your organization for whatever may happen.

To learn more about Marsh McLennan Agency’s cyber risk management solutions, contact Dan Hanson dan.hanson@marshmma.com (763.548.8599) or visit www.marshmma.com.