Tips to mitigate and protect against the ongoing threats of ransomware
By Jesper Zerlang, CEO, LogPoint
The total cost of ransomware in 2021 totals $20B and is expected to climb to $265B by 2031. With new ransomware attacks occurring every 11 seconds and the average incident resulting in nearly $700,000 in damages, no industry is safe from the war against ransomware. In 2021 alone there has been headline breaking ransomware attacks on large organizations such as Colonial Pipeline, Brenntag, and JBS Foods.
While cybercriminals rely on an array of tactics to breach a network, such as database hacking and denial-of-service attacks, phishing is the number one delivery method for ransomware. Throughout the pandemic, as the majority of businesses rapidly moved their workforce remote, the number of ransomware attacks only continued to climb, up 150% in 2020.
These numbers aren’t slowing and it’s up to organizations to understand how they can protect their data and their employees’ information from a catastrophic attack, which could ultimately cost them millions. However, as the number of threats increase, businesses must look to find the right solutions to better protect, detect and respond to today’s complex threats. And while some require implementing new security tools and technology, others are as simple as changing protocols and priorities within the organization. Below are three tips to help any organization, large or small, in their efforts to increase cybersecurity and mitigate the risk of a ransomware attack.
Build a strong cybersecurity foundation
When thinking of cybersecurity, it’s natural to think of the innovative technologies available on the market today. However, there are so many steps that should be taken in-house to help to establish a secure network before introducing these additional technologies. Building the foundation for protecting your data starts with the basics, especially considering that these advanced technologies can only do so much if the foundation is not set.
Patching, having secure configurations and following password best practices, such as ensuring strong password hygiene across the organization and incorporating two-factor authentication, are all basic needs to ensure a hacker cannot easily gain access to a network. While these may seem small, the protection they offer is mighty and effective, and with these measures in place, advanced technologies can be implemented in parallel to help build a stronger, forceful security posture for the overall organization.
Stay “in the know”
With the increase in cyberattacks, the government has been busy introducing new regulations and compliance standards. These will likely not go away – in fact, they will likely become stricter, with heavy fines for those organizations who do not comply. Being aware of the current state of the industry and the threats impacting fellow businesses can help you to understand what the risks are, how you can protect yourself and what may be introduced into the regulatory landscape in the near future.
For example, it’s no secret that the need for a single platform that can both detect and respond to a threat is greater than ever before. Some organizations are finding that by integrating Security Information and Event Management (SIEM) with Security Operation Automation and Response (SOAR), they can help introduce the automation necessary to respond to even the most complex threats quicker than ever before, minimizing the need for human intervention. This reliable, automated protection enables organizations to respond in real-time and provides them with the situational awareness necessary to help predict the following phase of an attack.
Technology like this is actively changing the industry and the way organizations prepare for ransomware attacks. Being aware of these types of innovations can help an organization better understand the benefits, help a business stay ahead of the industry trends and be ready for when these technologies become the regulatory standard in cybersecurity.
Don’t forget about transparency
As with any business challenge, being open and communicative is the only way to ensure alignment across teams. From security operations to IT and enterprise risk management, aligning on objectives is critical to ensure any and all gaps are covered in the protection of the organization. Without consistent collaboration and transparency between each lead department, the likelihood of an attack only increases, jeopardizing the critical data within the network.
For example, an employee may become a target of a phishing scheme, recognize the warning signs, and simply delete the email. However, shortly after, an employee in another department could receive the same email and fall victim to the attack. Departments tend to work in silos with the belief that cybersecurity sits with only IT team and only the IT team. Yet, if the first employee had made the IT team aware of the phishing email, they could have warned the remainder of the organization before the second employee had fallen victim. Cybersecurity it a team effort and working together to stay goal-orientated amid the battle against ransomware is often one of the best forms of protection for any organization.
It’s no longer if, but when.
Ransomware is a cyberthreat that is constantly impacting our society, and organizations are no stranger to the term. However, there is still the overarching question of “how does my business ensure protection?” It’s safe to say that no organization is completely safe, as cybercriminals are actively targeting each and every industry – but there are ways to increase and prioritize protection. Cybersecurity is an ongoing priority that should be top of mind year-round. Building a strong foundation, staying educated and aware of current technology and being transparent with partner departments within the organization are just the start. However, taking the initiative to start is the first step in securing your data against the next ransomware attack.
About the Author
Jesper Zerlang is the CEO of LogPoint and has led LogPoint to become one of the dominant SIEM vendors in Europe. He has more than 25 years’ experience in the IT industry and has held top management positions at Telia Company, Dell Computer and Compaq. His strong customer and partner focus, passion for his employees and strong entrepreneurial spirit helps to spark innovation and growth at LogPoint. He has supplemented his leadership skills with executive management programs at Harvard Business School. Jesper can be reached at https://www.logpoint.com/en/.