THE CYBER INTERVIEW
“ Criminals are lazy, and if you have money they will come for you and the easiest way to get in is the thing that they are going to do”
Chester Wisniewski Director and Global
Field CISO Sophos ransomware deployment and identity threat, Chet says that criminals are simply doing“ the easiest possible thing to break in”, which usually involves exploiting identity. However, this equation changes if there is a large scale exploit, in which case, criminals are known to switch tacks. Sophos data shows that 67 % of ransomware incidents were linked to identity compromise or identitybased attacks, while about 16 % of initial access methods involved vulnerability exploitation.
24 July 2026