Whether unintentional or malicious, phishing campaigns and malicious internet links provide simple vectors that bring major impacts from ransomware at the hands of an insider. This talk takes a new focus on risk management related considerations and actions that might limit the impacts and likelihood ransomware attacks from an insider threat vector.