Resiliency is Key Against Ransomware Attacks

Resiliency is Key Against Ransomware Attacks

By Greg Tavarez

Bad actors in cyberattacks become more sophisticated even when new cybersecurity solutions are innovated to thwart them. The one category of attack that demands more attention is ransomware as bad actors are developing new ways to pressure organizations into paying ransom payments, and a successful ransomware attack makes data recovery a challenge.

The concern for ransomware is prominent, but corporate executives do not want to spend on solutions without clear evidence of the improvements being made. This is a reasonable business decision as organizations do not want to shell out for something that has a chance of failing.

However, Info-Tech's findings go against what corporate executives believe. According to Info-Tech, organizations misunderstand the risk scenarios associated with ransomware attacks and underestimate the potential financial impact of an attack. The cost of an attack is more than just the ransom when a deeper look is taken. Recovery costs include detection and response, notification, lost business and post-breach response.

To help IT leaders improve their organizations’ abilities to gain better understandings of ransomware and defend against ransomware attacks in the current climate, Info-Tech Research Group published a new research-backed industry blueprint, Build Resilience Against Ransomware Attacks.

“Organizations need to focus on building resiliency to withstand these attacks instead of solely relying on response and recovery," said Michel Hébert, Research Director at Info-Tech Research Group. “The process of building resilience is like climbing a mountain, requiring time and planning and help from others to overcome challenges and work through problems.”

The firm recommends disrupting the attack at every stage of the attack workflow. This includes putting controls in place to prevent intrusion, improve detection, respond more quickly and recover more effectively.

To start, security leaders need to conduct a resilience assessment, build a risk scenario and determine the business impact. The firm recommends that security leaders conduct a thorough assessment of the current state of the organization, identify potential gaps and assess the possible outcomes of an attack.

After that, security leaders need to reduce the attack surface. According to the firm, this means to analyze attack vectors, prioritize controls that prevent ransomware attacks, and implement ransomware protection and detection.

Finally, security leaders are recommended to go through a respond-and-recover step. This requires them to visualize, plan and practice ransomware response and recovery to reduce the potential impact of an attack.

Going back to what Hébert said, organizations need to become resilient against ransomware. Following the blueprint provided by the firm allows organizations to focus on what is in their control and cultivate strengths that allow them to protect assets, detect incursions, and respond and recover quickly in the future.




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

SHARE THIS ARTICLE
Related Articles

Shining a Light on the Dark Web: Searchlight Cyber Debuts Comprehensive Hub

By: Greg Tavarez    3/28/2024

The Dark Web Hub is a one-stop shop for crucial context and continuously updated information on dark web marketplaces, ransomware actors, hacking foru…

Read More

Stellar Cyber and Trellix Bridge the Gap in Security Operations

By: Greg Tavarez    3/28/2024

Stellar Cyber announced the integration with Trellix Endpoint Security HX to allow customers to deploy more robust security solutions and improve thei…

Read More

CyberSaint Raises $21M in Series A Funding to Continue Securing its CyberStrong Customers

By: Alex Passett    3/27/2024

CyberSaint announced that it succeeded in a huge $21 million Series A funding round. This was led by Riverside Acceleration Capital (RAC) with other i…

Read More

US Education Receives Security Upgrade with Free Browser Protection Offered by Conceal, Carahsoft

By: Greg Tavarez    3/27/2024

Conceal and Carahsoft recently unveiled an initiative to fortify the cybersecurity infrastructure of U.S. educational institutions.

Read More

Cato's AI Takes Control of Security and Incident Response

By: Greg Tavarez    3/27/2024

With Cato's recently announced Network Stories for Cato XDR, advanced AI algorithms instantly identify outages in customer networks and conduct root c…

Read More