Ransomware’s on Everyone’s Radar. So, What Can you Do About It?

In its 2022 ‘State of the Nation’ report, BCS, the Chartered Institute for IT, asked IT leaders and professionals “what keeps you up at night?”, the threat of cyber-attacks was consistency in the top three (the other two were lack of resources and the pace of change).

Ransomware is one of the fastest-growing security concerns across most industries, affecting corporations, government agencies and private entities alike, but the sensitive nature of the data held and potential for harm makes the finance services sector, healthcare, energy utilities and food production prime targets for cyber-crime.

In late May 2021, the world’s largest meat supplier, JBS paid $11 million in ransom to cybercriminals a week after discovering the incursion and even more seriously, the foreign exchange firm Travelex was forced into administration after it was crippled by a ransomware attack that encrypted more than 5GB of sensitive data.

How Can We Help?

"*" indicates required fields

By clicking Submit, you agree to our Privacy Policy and Terms & Conditions

This field is for validation purposes and should be left unchanged.

A trusted partner in Ransomware Protection

Alert Logic MSP partner
Cofense
Cylance
Cyber Essentials Plus
Disaster recovery is like a chess board.

Ransomware Isn’t Likely to Strike. It’s Imminent.

In a new report by CISOs Connect, ‘Ransomware in Focus’ based on a survey of more than 250 CISOs (Chief Information Security Officers) cites that 53% of respondents reported that their organisations had been hit in the past year, but 69% of respondents consider it likely they’ll be successfully hit at in the next year.

The ransomware problem can truly be stated as “it’s not if, but when”. The emphasis is not only on prevention, but has to also be on recovery. Interestingly only 7% of respondents were fully confident in their cyber defences, saying that a successful attack is not likely at all.

We know that maintaining cyber defences isn’t simple easy, but it’s critical that IT teams regularly assess threats to the business and keep up to date with advances in technology – cyber criminals do! The increase in remote working imposed by the Covid-19 pandemic has further compounded the risk. Vulnerabilities can range from old unsupported hardware, unpatched operating platform and a lack of security awareness among staff – the majority of breaches can be traced to human error. IT solutions need to be supported by a security-ware culture where every employee is a player in the line of cyber defence.

What’s In Your Ransomware Arsenal?

We know that maintaining cyber defences isn’t simple easy, but it’s critical that IT teams regularly assess threats to the business and keep up to date with advances in technology – cyber criminals do!

The increase in remote working imposed by the Covid-19 pandemic has further compounded the risk. Vulnerabilities can range from old unsupported hardware, unpatched operating platform and a lack of security awareness among staff – the majority of breaches can be traced to human error. IT solutions need to be supported by a security-ware culture where every employee is a player in the line of cyber defence.

These trends are echoed by the CISOs Connect’s top cyber counter-measures:

  • data backup and recovery,
  • endpoint protection/anti-malware,
  • phishing defence,
  • user awareness training, patch & config management
  • and network segmentation.

For recovery, proactive organisations are evaluating the use of ‘cyber vaults’ or other air-gapped solutions that isolate critical data from ransomware and other sophisticated threats with immutable copies that are simply not connected to the internet in any way.

Zero Trust Network Access requires every access attempt to be verified and that the scope of access granted is minimised to limit the lateral movement an attacker can achieve after breaching a network, in turn limiting the damage that can be done. This practice was even included as a top recommendation in the White House guidance on ransomware protections for businesses issued in June 2021.

Every organisation should be investing is technology, skills and partnerships to build the first line of defence makes every effort to prevent an attack and the last line of defence that ensures that a company can recover fast.