One of the key things for keeping on top of ransomware threats, in my opinion, is understanding the most likely avenue a criminal would use to target your company. Increasingly, this stems from credential theft and information-stealing malware, rather than just the exploitation of software vulnerabilities.

For most businesses, understanding the risk from this kind of malware should be one of the highest priorities, as oftentimes the threat itself originates from personal devices. A large proportion of stolen corporate credentials appear where an employee has used a personal device and syncs passwords between their corporate and personal systems; those credentials subsequently get shared on dark web forums and messenger platforms such as Telegram.

Understanding this, in addition to using information like the Exploit Prediction Scoring System (EPSS), can be incredibly powerful for staying on top of the most vulnerable aspects of a ransomware attack. Patching vulnerabilities with a high EPSS, particularly those that appear on Known Exploited Vulnerabilities (KEV) lists, will also go a very long way to protecting an organisation from being successfully targeted by cybercriminals.

For most organisations, the goal of preventing ransomware should be considered as making your company more problematic to get into than the next company, so a threat actor gives up. By staying on top of compromised credentials and KEV list vulnerabilities and following a few other best practices, you can significantly reduce the risk from ransomware and other cybercrime.
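The KEV-and-EPSS prioritisation described above can be turned into a patch queue; the following is an added example, not code from the author. It assumes feeds laid out like the CISA KEV JSON and the FIRST EPSS CSV; the CVE ids, asset names, scores and the 0.10 cut-off are constructed placeholders.

```python
import csv
import io
import json

# Constructed sample data in the shape of the public feeds; CVE ids are placeholders.
KEV_JSON = """{"vulnerabilities": [
  {"cveID": "CVE-0000-0001", "knownRansomwareCampaignUse": "Known"},
  {"cveID": "CVE-0000-0003", "knownRansomwareCampaignUse": "Unknown"}]}"""
EPSS_CSV = """#model_version:constructed,score_date:constructed
cve,epss,percentile
CVE-0000-0001,0.12000,0.95000
CVE-0000-0002,0.91000,0.99000
CVE-0000-0003,0.40000,0.97000
CVE-0000-0004,0.00200,0.30000
"""
# (asset, cve) pairs from a hypothetical scanner export; CVE-0000-0005 has no EPSS row.
FINDINGS = [("hr-laptop", "CVE-0000-0004"), ("web-01", "CVE-0000-0002"),
            ("legacy-app", "CVE-0000-0005"), ("mail-01", "CVE-0000-0003"),
            ("vpn-gw", "CVE-0000-0001")]
EPSS_THRESHOLD = 0.10  # assumed cut-off for "high EPSS"; tune to your patch capacity


def load_kev(text):
    """Map CVE id -> True when the KEV entry is tied to known ransomware use."""
    entries = json.loads(text)["vulnerabilities"]
    return {e["cveID"]: e.get("knownRansomwareCampaignUse") == "Known" for e in entries}


def load_epss(text):
    """Map CVE id -> EPSS probability, skipping the leading '#' metadata line."""
    rows = (line for line in io.StringIO(text) if not line.startswith("#"))
    return {r["cve"]: float(r["epss"]) for r in csv.DictReader(rows)}


def prioritise(findings, kev, epss, threshold=EPSS_THRESHOLD):
    """Order findings: KEV with ransomware use, other KEV, high EPSS, the rest."""
    queue = []
    for asset, cve in findings:
        score = epss.get(cve)  # None means the feed has no score for this CVE
        if kev.get(cve):
            tier = 0
        elif cve in kev:
            tier = 1
        elif score is not None and score >= threshold:
            tier = 2
        else:
            tier = 3
        queue.append({"asset": asset, "cve": cve, "tier": tier, "epss": score})
    return sorted(queue, key=lambda f: (f["tier"], -(f["epss"] or 0.0)))


if __name__ == "__main__":
    for finding in prioritise(FINDINGS, load_kev(KEV_JSON), load_epss(EPSS_CSV)):
        print(finding)
```

A KEV entry outranks a higher EPSS score here because it records exploitation that has already been observed, and a finding with no EPSS row keeps `epss: None` so it can be reviewed by hand instead of being read as low risk.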