If a single click on a phishing email can ruin the entire company, the blame doesn't lie with that individual.
While I somewhat agree, there are things even the best spam filters can't filter and Zero-Day-CVEs that Sys-Admins can't fix.
On the other hand, the company should be confident in their backups, which in most cases should allow for a continuation of their activities.
You're forgetting all the hardening in the middle to prevent the privilege escalation that would enable mass deployment of ransomware.
Only the hottest memes in Cybersecurity
While I somewhat agree, there are things even the best spam filters can't filter and Zero-Day-CVEs that Sys-Admins can't fix.
On the other hand, the company should be confident in their backups, which in most cases should allow for a continuation of their activities.
You're forgetting all the hardening in the middle to prevent the privilege escalation that would enable mass deployment of ransomware.