Ransomware, data breaches, phishing schemes—cyber attacks can take many forms. Traditionally, the motive of these attackers can often be traced back to some sort of tangible goal. An attacker may want to extort some financial gain from a business, while another may seek to gather sensitive information to commit other crimes, like fraud. Any breach or lapse in security can lead to potentially devastating regulatory fines, lost resources, repair costs, or even irreparable damage to a brand. Fortunately, in these cases, security teams still have the advantage of understanding what an actor might do or is planning to do based…
Avani Desai
Avani Desai
Avani is Chief Executive Officer at Schellman, the largest niche cybersecurity assessment firm in the world that focuses on technology assessments. Avani is an accomplished executive with domestic and international experience in information security, operations, P&L, oversight, and marketing involving both start-up and growth organizations. She has been featured in Forbes, CIO.com, and the Wall Street Journal, and is a sought-after speaker as a voice on a variety of emerging topics, including security, privacy, information security, future technology trends, and the expansion of young women involved in technology.
Historically, the holiday season has always seen a rise in phishing, ransomware, and supply chain attacks as threat actors take advantage of distracted employees, higher transaction volumes, and reduced staffing. Over the past year, with ransomware already running rampant, those risks are compounding even at the beginning of the year. According to research from Microsoft, extortion and ransomware accounted for half of all cyber attacks during the first half of 2025. Attackers have been seeing opportunities all year, and the current conditions have also left openings that they may be quick to exploit, making this one of the highest-risk periods…