Ransomware and CISOs’ balancing act

Ransomware has become increasingly professionalised with organised threat actors, sophisticated tools and new commercial models, such as ransomware as a service (RaaS), driving economies of scale. The silver lining is that the grave impact of ransomware on the business has propelled cyber to board level.

Ransomware has the potential to cause irreversible business damage, so CISOs should consider not only protection (the “if” scenario), but also response and recovery (the “when” scenario). As such, CISOs must find the right balance between prevention and recovery, balancing tactical and strategic fixes, in line with their threat landscape, industry and business specifics.

Protection

Looking at the full spectrum of protection and response measures for ransomware can be daunting. Implementing advanced technologies, such as extended detection and response (XDR) or security orchestration, automation and response (SOAR), can drastically reduce an organisation’s susceptibility to a ransomware attack, but these technologies carry a high price tag and take time to implement.

Hence, while CISOs should be planning for the long term, equal consideration should be given to security improvement…
