A ransomware reality check for CISOs

The rising tide of ransomware attacks targeting critical infrastructure sectors has reached unprecedented heights. Ransomware is now at the top of many CISOs’ agendas, and a confluence of shifting technical, legal, ethical, and regulatory winds is making this scourge on industrial environments increasingly difficult to navigate.

The dilemmas organizations must deal with are dizzying:

  • To pay a ransom or not?
  • Will cyber insurance provide adequate shelter?
  • What’s the role of government?
  • Are new mandates and penalties on the horizon?
  • How are adversaries evolving their tactics?

To make sense of it all, let’s first focus on the adversaries and their playbook. Cyber criminals have a well-developed business model and a carefully contemplated financial calculus for ransomware. They have determined whether they will launch a direct attack to maximize profits or offer Ransomware-as-a-Service, complete with a help desk and other support services, to supplement their income while enabling malicious actors with less technical skill.

They have researched their victims and targeted organizations based on their ability to pay. All these tactics are developed and executed in concert to make paying…
