Resiliency is Key Against Ransomware Attacks

Resiliency is Key Against Ransomware Attacks

By Greg Tavarez

Bad actors in cyberattacks become more sophisticated even when new cybersecurity solutions are innovated to thwart them. The one category of attack that demands more attention is ransomware as bad actors are developing new ways to pressure organizations into paying ransom payments, and a successful ransomware attack makes data recovery a challenge.

The concern for ransomware is prominent, but corporate executives do not want to spend on solutions without clear evidence of the improvements being made. This is a reasonable business decision as organizations do not want to shell out for something that has a chance of failing.

However, Info-Tech's findings go against what corporate executives believe. According to Info-Tech, organizations misunderstand the risk scenarios associated with ransomware attacks and underestimate the potential financial impact of an attack. The cost of an attack is more than just the ransom when a deeper look is taken. Recovery costs include detection and response, notification, lost business and post-breach response.

To help IT leaders improve their organizations’ abilities to gain better understandings of ransomware and defend against ransomware attacks in the current climate, Info-Tech Research Group published a new research-backed industry blueprint, Build Resilience Against Ransomware Attacks.

“Organizations need to focus on building resiliency to withstand these attacks instead of solely relying on response and recovery," said Michel Hébert, Research Director at Info-Tech Research Group. “The process of building resilience is like climbing a mountain, requiring time and planning and help from others to overcome challenges and work through problems.”

The firm recommends disrupting the attack at every stage of the attack workflow. This includes putting controls in place to prevent intrusion, improve detection, respond more quickly and recover more effectively.

To start, security leaders need to conduct a resilience assessment, build a risk scenario and determine the business impact. The firm recommends that security leaders conduct a thorough assessment of the current state of the organization, identify potential gaps and assess the possible outcomes of an attack.

After that, security leaders need to reduce the attack surface. According to the firm, this means to analyze attack vectors, prioritize controls that prevent ransomware attacks, and implement ransomware protection and detection.

Finally, security leaders are recommended to go through a respond-and-recover step. This requires them to visualize, plan and practice ransomware response and recovery to reduce the potential impact of an attack.

Going back to what Hébert said, organizations need to become resilient against ransomware. Following the blueprint provided by the firm allows organizations to focus on what is in their control and cultivate strengths that allow them to protect assets, detect incursions, and respond and recover quickly in the future.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

Mutare Brings Together Cybersecurity Community to Raise Vishing Awareness

By: Greg Tavarez    3/28/2023

Mutare is collaborating with government agencies, business coalitions and private industry in an educational campaign to raise awareness of the risks …

Read More

Only 15% of Organizations Deemed Mature Enough to Defend Against Cybersecurity Risks

By: Greg Tavarez    3/28/2023

Fifteen percent of organizations globally have the maturity level of readiness needed to be resilient against today's modern cybersecurity risks, acco…

Read More

Opti9 Offerings Strengthen Veeam Customers' Security Stacks

By: Greg Tavarez    3/28/2023

Opti9 introduced its standalone offerings for Veeam, which are managed services for Veeam Software and its AI-based ransomware detection and remediati…

Read More

How Businesses are Navigating Migrations and Marketplace Shifts

By: Alex Passett    3/28/2023

Westcon-Comstor recently published a report that explored challenges found amongst shifting subscription and recurring revenue models for businesses.

Read More

Cybersecurity Essentials: BSA Expands Managed Security Solutions

By: Alex Passett    3/24/2023

Bridge Security Advisors (BSA) has announced an addition to its Essential Security Solution (ESS): the Managed Security Solution (MSS) offering.

Read More