decrypting myths
Proofpoint expert on how companies can holistically tackle data loss prevention
As CISOs work to mitigate cyber risks posed to their businesses , pursuing the shift from detection and recovery to prevention has never been more important .
Adenike Cosgrove , VP Cybersecurity Strategy EMEA at Proofpoint , tells Intelligent
CISO about ransomware , data loss prevention and why today ’ s top cybersecurity threats are people-centric . roofpoint ’ s 2023
P
State of the Phish report highlights the ever-present danger ransomware now presents . How are CISOs currently addressing the ransomware pandemic and are their methods productive ?
Ransomware is nothing new . It has been a significant threat to organisations around the world for some time now – and it continues to grow in volume . The statistics from Proofpoint ’ s State of the Phish report – the 2023 issue having just been published – show that 82 % of UK organisations experienced an attempted ransomware attack in 2022 , with 62 % suffering a successful infection ; yet only 33 % regained access to their data after making the initial ransomware payment .
However , what was once a relatively straightforward threat is fast becoming increasingly complex . Traditionally , cybercriminals would force their way through perimeter defences , drop their malicious payload and demand a ransom to ‘ fix ’ the situation . This brute force method of attack was usually remedied by detection , containment and recovery . Essentially , systems would be shut down and backups restored .
Today , however , ransomware is much more sophisticated , targeted and further reaching . Rather than forcing their way in , cybercriminals will target users looking to compromise their credentials , trick them into making a mistake or convince them to launch a malicious attack against their employer .
To defend against this , cyber teams must shift left earlier in the attack chain . Moving away from detection and recovery and focusing on prevention – and people . The detection and response approach to ransomware was understandable in the past . However , cybercriminals have changed tact and modern ransomware now often carries an extra sting in the tail , be that corporate espionage or data theft , making it very much a data loss prevention ( DLP ) issue . www . intelligentciso . com
67