To help IT leaders improve their organization’s ability to prevent incursions and defend against ransomware attacks in the current climate, global IT research and advisory firm Info-Tech Research Group published a new research-backed industry blueprint, titled Build Resilience Against Ransomware Attacks.
Cyberattacks, especially ransomware, are becoming more sophisticated, more frequent, with more severe impacts, year over year. The attacks can quickly encrypt systems and steal sensitive data, making data recovery challenging for organizations.
Ransomware is a high-profile threat that demands immediate attention, as it is a much more complex security threat than other types of attacks. Malicious actors have also developed increasingly sophisticated methods to pressure organizations into paying ransom payments. These emerging strains can exfiltrate, encrypt, and destroy data and backups in hours, making data recovery a grueling challenge.
The findings show that organizations often misunderstand the risk scenarios associated with these attacks, which can lead to underestimating the potential impact of an attack. The cost of a ransomware attack goes beyond just the ransom, with four key areas driving recovery costs: detection and response, notification, lost business, and post-breach response.
Securing Systems From Ransomware
To effectively protect against ransomware, the firm recommends disrupting the attack at every stage of the attack workflow, which includes putting controls in place to prevent intrusion, improve detection, respond quickly, and recover effectively. Organizations also struggle with “dwell time,” which is the time between when a malicious actor gains access to a network and when they are detected. Organizations must improve their ability to detect and respond early to prevent serious disruption from these attacks.
As outlined in the blueprint, security leaders must conduct a thorough assessment of their current state, identify potential gaps, and assess the possible outcomes of an attack. Info-Tech advises the following holistic methodology to build resiliency against potential ransomware attacks:
Assess resilience – It is essential to conduct a resilience assessment, build a risk scenario, and determine the business impact. Conduct a thorough assessment of the current state, identify potential gaps, and assess the possible outcomes of an attack.
Protect and detect – Analyze attack vectors, prioritize controls that prevent ransomware attacks, and implement ransomware protection and detection to reduce the attack surface.
Respond and recover – Visualize, plan, and practice ransomware response and recovery to reduce the potential impact of an attack.
To learn more, download the complete Build Resilience Against Ransomware Attacks blueprint.