Check out all the Intelligent Security Summit on-demand sessions here..
The “if and when not” mentality surrounding ransomware may be the greatest threat to business survival today. Businesses of all sizes and industries are increasingly targeted by ransomware attacks, with 94% of organizations experiencing a cybersecurity incident last year alone. However, many companies continue to use decades-old security protocols that are ill-equipped to combat modern ransomware. Leaders have prioritized improving physical security measures in light of the pandemic. So why hasn’t ransomware protection improved?
Perhaps it’s a misconception that ransomware attacks are declining. In fact, in the first quarter of 2022, he saw a 200% year-over-year increase in ransomware incidents. Meanwhile, the rise in ransomware-as-a-service (RaaS) offerings suggests that cyberthreats have become a commodity for bad actors.
The RaaS market presents a troubling new trend for business leaders and IT professionals. With RaaS, a subscription ransomware model that allows affiliates to deploy malware for a fee, the barrier to entry for hackers has never been lower. The reason the average ransomware downtime plummeted to just 3.85 days (versus the average attack duration of over two months in 2019) may be due to the relatively immature nature of RaaS hackers. Despite the promise of shorter attack windows, the rise of RaaS suggests an inconvenient truth for business leaders. In short, all organizations are at risk. Over time, all organizations will be targeted, requiring IT and business leaders to implement stringent cybersecurity protocols.
The Ransomware Waiting Game Is More Dangerous Than Ever
In January 2022, hackers broke into a data center in Bernalillo County, New Mexico. Critical infrastructure outages continued for several days, including the shutdown of security cameras and automatic locking mechanisms inside the county’s largest detention center. Months after destroying the ransomware agent, Bernalío County officials implemented an endpoint detection and response (EDR) system, multi-factor authentication (MFA) for all employee accounts, and 24/7 security. Implemented a robust cybersecurity strategy, including monitoring and new virus scanning software. .
Intelligent Security Summit On Demand
Learn the critical role of AI and ML in cybersecurity and industry-specific case studies. Check out today’s on-demand session.
Several lessons have been learned from the Bernallio County ransomware breach and its subsequent response. First, this attack shows that ransomware can harm organizations and citizens in non-monetary ways. During the incident, residents of Bernalillo County experienced a significant service outage, and county inmates were held in solitary confinement for several days. This is in line with his Gartner prediction that ransomware attacks will increasingly damage the physical world, with human casualties as early as 2025.
This incident is also an example of a determined (if delayed) response to the fight against ransomware. Necessary cybersecurity measures such as MFA, remote monitoring and EDR can go a long way in preventing successful ransomware attacks, but only if experts deploy them. Previous cyber attack. Unfortunately, many business leaders continue to wait for reasons to implement robust cybersecurity protocols. As a result, their organization will ultimately and inevitably suffer like the residents of Bernalillo County.
It’s important to prioritize a proactive security strategy
Organizations don’t have to settle for or settle for a ransomware agent. Business and IT leaders have access to the same evolving AI and machine learning (ML) capabilities employed by modern hackers. This means that your organization’s cybersecurity will be equally effective and agile. Decision makers looking to prevent collateral damage from cyberattacks should implement a ransomware protection strategy now.
A good haptic protection plan often requires third-party vendors to provide security insights and monitoring capabilities. However, business and IT leaders should only consider ransomware protection as a service (RPaaS) solutions that offer cloud-based, on-premises-friendly strategies. When Hybrid data center. That way, as your organization grows or even shrinks, your cybersecurity package can scale without adding software.
And that level of scalability is more important than ever. According to Gartner, 30% of businesses will adopt his all-in-one SaaS cybersecurity solution by 2024. As such, business leaders should consider cybersecurity solutions that offer a wide range of interoperable managed services.
Cybersecurity in a hybrid work environment
Leaders should also carefully vette all offerings from potential cybersecurity vendors. At a minimum, your provider of choice should offer an EDR and security information and event management (SIEM) solution.
EDR is a critical component of a rigorous cybersecurity program, especially in hybrid work environments where employee devices (or endpoints) are scattered around the world. The existence of different endpoints poses new challenges to cybersecurity. It also highlights the importance of trusted cybersecurity parameters such as MFA and single sign-on (SSO) protocols to protect network access points from malicious actors. EDR systems provide peace of mind for IT and business leaders no matter where their employees are.
Similarly, SIEMs provide leaders with data visibility, a necessary ingredient for operational efficiency in complex work environments. When used system-wide, SIEMs collect data and organize all insights into a unified dashboard. This feature removes the noise from information that is important to your organization, allowing IT professionals to make more informed cybersecurity decisions. SIEMs can also use ML to suggest enhanced security measures and efficiency improvements tailored to the host organization.
In the event of an attack, AI-powered solutions reduce threat vectors and associated costs. According to IBM, organizations that successfully implement AI-based applications like SIEMs resolve cyber threats 27% faster than their competitors. And since a lengthy data breach can result in millions of dollars lost, organizations should consider adopting RPaaS tools like his EDR and SIEM sooner or later.
Ransomware: Prepare for the “when”, not the “if”
The first step in dealing with the ransomware threat is to accept that your organization will sooner or later become a target. Reaching this realization becomes even more important as interest in casual ransomware via RaaS grows and international disputes increase the potential for large-scale compromise.
I have good news. Ransomware attacks are inevitable, but breaches are. Robust cyber defenses help organizations prevent financial loss and mission-critical service outages. The key to preparing for phishing and ransomware attempts is to find a trusted partner to help you on your journey.
But there are other opportunities to significantly improve your cyber infrastructure. For example, an organization can: should do it — Conduct educational campaigns on personal cyber hygiene. Employees are often the first line of defense against cyberattacks, and nearly 90% of data breaches are due to human error.
In other words, awareness goes beyond business leaders. Modern society will benefit from a paradigm shift when it comes to cybersecurity. After all, enlisting the help of a verified partner or educating your co-workers on the importance of cyber defense may be the difference between “business as usual” and millions in financial losses.
Allen Jenkins is CISO and Vice President of Cybersecurity Consulting at InterVision.
data decision maker
Welcome to the VentureBeat Community!
DataDecisionMakers is a place for data professionals, including technologists, to share data-related insights and innovations.
Join DataDecisionMakers for cutting-edge ideas, updates, best practices, and the future of data and data technology.
You might consider contributing your own article!
Read more about DataDecisionMakers