Malware that locks users out of their systems, or steals their data and then demands a ransom to return it, is becoming increasingly common. In some cases, ransomware infections regularly recur because underlying issues are not addressed. Principally, these issues are not backing up data, poor patching procedures, and a lack of user awareness. A “company-wide training program on safe computer practices” is one of the best ways to mitigate this threat, so that, for example, every employee knows “how to recognize the signs of phishing attempts.”