Ransomware is a high-profile threat that demands immediate attention, as it is a much more complex security threat than other types of attacks. Malicious actors have also developed increasingly sophisticated methods to pressure organizations into paying ransom payments. These emerging strains can exfiltrate, encrypt, and destroy data and backups in hours, making data recovery a grueling challenge.
"As ransomware attacks become more frequent and impactful, organizations need to focus on building resiliency to withstand these attacks instead of solely relying on response and recovery," says Michel Hébert, research director at Info-Tech Research Group. "The process of building resilience is like climbing a mountain, requiring time, planning, and help from others to overcome challenges and work through problems."
Info-Tech's findings show that organizations often misunderstand the risk scenarios associated with ransomware attacks, which can lead to underestimating the potential impact of an attack. The cost of a ransomware attack goes beyond just the ransom, with four key areas driving recovery costs: detection and response, notification, lost business, and post-breach response.
To effectively protect against ransomware, the firm recommends disrupting the attack at every stage of the attack workflow, which includes putting controls in place to prevent intrusion, improve detection, respond quickly, and recover effectively. Organizations also struggle with "dwell time," which is the time between when a malicious actor gains access to a network and when they are detected. Organizations must improve their ability to detect and respond early to prevent serious disruption from ransomware attacks.
As outlined in the blueprint, security leaders must conduct a thorough assessment of their current state, identify potential gaps, and assess the possible outcomes of an attack. Info-Tech advises the following holistic methodology to build resiliency against potential ransomware attacks:
Assess resilience – It is essential to conduct a resilience assessment, build a risk scenario, and determine the business impact. Conduct a thorough assessment of the current state, identify potential gaps, and assess the possible outcomes of an attack.
Protect and detect – Analyze attack vectors, prioritize controls that prevent ransomware attacks, and implement ransomware protection and detection to reduce the attack surface.
Respond and recover – Visualize, plan, and practice ransomware response and recovery to reduce the potential impact of an attack.
Resiliency is crucial to surviving a ransomware attack. As covered by Info-Tech's resource, organizations should focus now on what is in their control and cultivate strengths that allow them to protect assets, detect incursions, and respond and recover quickly in the future.
To learn more, download the complete Build Resilience Against Ransomware Attacks blueprint.
Info-Tech Research Group is one of the world's leading information technology research and advisory firms, proudly serving over 30,000 IT professionals. The company produces unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. For 25 years, Info-Tech has partnered closely with IT teams to provide them with everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.
Media professionals can register for unrestricted access to research across IT, HR, and software and over 200 IT and Industry analysts through the ITRG Media Insiders Program. To gain access, contact [email protected].
SOURCE Info-Tech Research Group