Intelligent CISO Issue 54 | Page 75

decrypting myths

Ransomware : Fail to prepare , then prepare to fail

As ransomware threats become more frequent , targeted and ruthless , Gavin Knapp , Cyber
Defence Technical Lead at Bridewell , explains why business leaders cannot afford to rely on cyber insurance alone as a silver bullet . ansomware is now

R an unavoidable business issue . What started as a relatively opportunistic method of extorting money for individuals and organisations has evolved into a complex and sophisticated attack mechanism , originating from skilled human actors who will do whatever necessary to achieve their goals .

As a result , dynamics are shifting within businesses . While security teams used to vie for the attention of the board , it is now the board who are actively engaging security teams . The evolution of ransomware has brought the importance of cyber-resilience to the fore – and businesses are stepping up and increasing their security budgets in response .
However , as always , more can be done . New research from Bridewell reveals that only a minority of UK critical national infrastructure organisations are implementing critical measures to protect , detect and respond to ransomware . This suggests that some businesses may be relying on reactive measures to help offset the damage caused by an attack . But as ransomware becomes more frequent , targeted and ruthless , business leaders must look beyond the not-so-silver bullet of cyber insurance alone . It pays to have a plan – and there are clear steps organisations can take now to ensure they are better protected against this unrelenting threat .
How has ransomware evolved ?
Ransomware is a threat decades in the making . Traditionally , attackers capitalised on human error to get through a business ’ defences , but the rise of human-operated ransomware ( HoR ) now sees criminal groups quietly infiltrating organisations for extended periods prior to exfiltrating data and launching debilitating attacks on data and systems . Multiple initial attack vectors are now used to gain entry to victim organisations including exploiting vulnerabilities in external systems , supply chain compromise , use of initial access brokers , stolen credentials and phishing . www . intelligentciso . com
75