In the world of cyber threats, the phrase “ignorance is bliss” couldn’t be further from the truth–especially when it comes to ransomware attacks. Unfortunately, a recent report shows that C-level executives are taking this phrase a little too seriously and underestimating the risks. Luckily, there’s a hero in the form of a Chief Information Security Officer (CISO) who can design and implement an effective cybersecurity strategy to protect against these attacks.
To stay ahead of the latest threats and defenses, Fortify Experts regularly moderates CISO roundtable forums. These forums bring together leading CISOs to discuss hot topics, such as the rising threat of ransomware attacks, which have become increasingly sophisticated and difficult to detect. For instance, the recent Hive ransomware group case targeted over 1,500 victims in more than 80 countries, including critical infrastructure, hospitals, financial firms, and school districts.
When it comes to cybersecurity, a “hope for the best” approach just won’t cut it. Executive leadership teams need to be proactive in adopting a comprehensive security strategy to protect their business-critical data. With the help of a CISO, they can ensure that their defenses are rock-solid and avoid the costly consequences of a ransomware attack. So, let’s get cracking on that cybersecurity strategy before the hackers start cracking the code.
Employee education and awareness
Ransomware attacks have become a significant concern for organizations due to the significant financial losses and operational disruption they can cause. The FBI’s annual Internet Crime Report estimates losses due to fraudulent activity of $6.9 billion this past year, led by phishing and business email compromise–both of which are key tactics used in ransomware attacks. Since employees are often the first line of defense against these types of attacks, it’s essential to have a CISO in every organization. A skilled and experienced CISO can design and implement an effective cybersecurity strategy and help defend the company against cyber attacks such as ransomware.
Employee education and awareness are critical in reducing the threat of ransomware attacks, making it essential to invest in regular security training and education. One of the most effective measures is training employees on email phishing, as identified by a group of CISOs during a recent round table discussion held by Fortify Experts. They recommended a “train and make it painful to fail a phishing test” approach, which highlights the importance of simulated phishing campaigns and regular reminders on current threats and best practices.
Chart shows Infrastructure Sectors Victimized by Ransomware. Source: FBI 2021 annual Internet Crime Report
With the help of a skilled and experienced CISO, executive leadership teams can ensure that their employees are trained and equipped to recognize and respond to suspicious emails and links, reducing the risk of successful ransomware attacks. The Fortify CISO Forum can also be a valuable resource for staying up to date on the latest cybersecurity trends and best practices.
Cybersecurity controls
As cyber threats continue to grow, cybersecurity controls such as firewalls, antivirus software, and intrusion detection/prevention systems are critical in avoiding ransomware attacks. It’s crucial for executive leadership teams to invest in these controls and ensure they are optimized against the latest threats and vulnerabilities. A CISO can design and implement a comprehensive cybersecurity strategy that includes regular reviews and updates of these controls, reducing the risk of successful ransomware attacks.
Access controls, firewalls, antivirus software, backup and disaster recovery, network segmentation, software updates, and penetration testing are all essential elements of an effective cybersecurity strategy. During the Fortify CISO Forum, one CISO emphasized the importance of optimizing the technical controls, highlighting the value of ongoing discussions with industry peers on the latest best practices. In addition, organizations should review their network architecture and ensure that all systems are correctly configured and up-to-date to prevent attacks from spreading throughout the network. The U.S. government’s guide to Industrial Control Systems (ICS) security emphasizes the importance of this step in avoiding ransomware attacks.
With the help of a skilled and experienced CISO and the insights gained from the Fortify CISO Forum, executive leadership teams can stay ahead of the latest threats and vulnerabilities, minimize the impact of successful ransomware attacks, and protect their business-critical data.
Chart includes a victim loss comparison for the top five reported crime types for the years of 2017 to 2021. Source: FBI 2021 annual Internet Crime Report
Incident response planning
To avoid ransomware attacks, incident response planning is essential. A CISO is responsible for designing and implementing a plan that identifies potential threats and outlines the steps needed to contain, eradicate, and recover from an attack. This plan must be regularly reviewed and updated to be effective against evolving threats.
At the Fortify CISO Forum, a participant emphasized the importance of responding to an attack within minutes. With a well-established plan, organizations can quickly isolate infected systems, identify which data and systems have been affected, and implement remediation strategies such as restoring from backups or rebuilding systems.
The incident response plan should identify the incident response team and their roles, types of incidents that trigger the plan, and procedures for responding to different incidents. SANS Institute provides templates for the six-step plan: preparation, identification, containment, analysis, remediation, and recovery.
Working with an experienced CISO and utilizing insights from the Fortify CISO Forum, executive leadership teams can ensure their plan is effective and up to date. A robust incident response plan enables organizations to respond quickly to ransomware attacks, minimizing the impact and protecting business-critical data.
Ever-evolving threat
As U.S. Attorney General Merrick B. Garland noted, cybercrime is a constantly evolving threat. To stay ahead of ransomware attacks, organizations need a comprehensive security strategy and a CISO to ensure a well-defined incident response plan, a clear understanding of the threat landscape, and a strong security posture.
Fortify Experts can help you find the right CISO for your organization. With our expertise in hiring the best cyber talent and providing expert consulting and NIST-based security assessments, we can help you proactively defend against cyber attacks. Don’t wait until it’s too late. Download our free insider’s guide on How to Hire a Great CISO and take the first step towards protecting your business-critical data.
Sources:
US-CERT, “Ransomware Prevention and Response”