A type of malicious attack where threat actors gain access to an organization’s data and exert control over its data in some way (whether via encryption or threatened public release) unless the organization pays a ransom. Less than 50% of organizations that pay ransoms actually receive their data back. Therefore, organizations must invest in identification, protection, detection, and response solutions to protect their data.