Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Organizations Likely to Experience Ransomware Threat in the Next 24 Months, According to Info-Tech Research Group
Security leaders must build resiliency against these complex attacks immediately.
January 23, 2023
3 Min Read
TORONTO, Jan. 23, 2023 /PRNewswire/ - Cyberattacks, especially ransomware, are becoming more sophisticated more frequent, with more severe impacts, year over year. These attacks can quickly encrypt systems and steal sensitive data, making data recovery challenging for organizations. Although there is much concern about the ransomware threat, corporate executives are not yet willing to spend on solutions without clear evidence of the improvements being made. To help IT leaders improve their organization's ability to prevent incursions and defend against ransomware attacks in the current climate, global IT research and advisory firm Info-Tech Research Group has published a new research-backed industry blueprint, titled Build Resilience Against Ransomware Attacks.
Ransomware is a high-profile threat that demands immediate attention, as it is a much more complex security threat than other types of attacks. Malicious actors have also developed increasingly sophisticated methods to pressure organizations into paying ransom payments. These emerging strains can exfiltrate, encrypt, and destroy data and backups in hours, making data recovery a grueling challenge.
"As ransomware attacks become more frequent and impactful, organizations need to focus on building resiliency to withstand these attacks instead of solely relying on response and recovery," says Michel Hébert, research director at Info-Tech Research Group. "The process of building resilience is like climbing a mountain, requiring time, planning, and help from others to overcome challenges and work through problems."
Info-Tech's findings show that organizations often misunderstand the risk scenarios associated with ransomware attacks, which can lead to underestimating the potential impact of an attack. The cost of a ransomware attack goes beyond just the ransom, with four key areas driving recovery costs: detection and response, notification, lost business, and post-breach response.
To effectively protect against ransomware, the firm recommends disrupting the attack at every stage of the attack workflow, which includes putting controls in place to prevent intrusion, improve detection, respond quickly, and recover effectively. Organizations also struggle with "dwell time," which is the time between when a malicious actor gains access to a network and when they are detected. Organizations must improve their ability to detect and respond early to prevent serious disruption from ransomware attacks.
As outlined in the blueprint, security leaders must conduct a thorough assessment of their current state, identify potential gaps, and assess the possible outcomes of an attack. Info-Tech advises the following holistic methodology to build resiliency against potential ransomware attacks:
Assess resilience – It is essential to conduct a resilience assessment, build a risk scenario, and determine the business impact. Conduct a thorough assessment of the current state, identify potential gaps, and assess the possible outcomes of an attack.
Protect and detect – Analyze attack vectors, prioritize controls that prevent ransomware attacks, and implement ransomware protection and detection to reduce the attack surface.
Respond and recover – Visualize, plan, and practice ransomware response and recovery to reduce the potential impact of an attack.
Resiliency is crucial to surviving a ransomware attack. As covered by Info-Tech's resource, organizations should focus now on what is in their control and cultivate strengths that allow them to protect assets, detect incursions, and respond and recover quickly in the future.
To learn more, download the complete Build Resilience Against Ransomware Attacks blueprint.
About Info-Tech Research Group
Info-Tech Research Group is one of the world's leading information technology research and advisory firms, proudly serving over 30,000 IT professionals. The company produces unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. For 25 years, Info-Tech has partnered closely with IT teams to provide them with everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.
Media professionals can register for unrestricted access to research across IT, HR, and software and over 200 IT and Industry analysts through the ITRG Media Insiders Program. To gain access, contact [email protected].
SOURCE Info-Tech Research Group
You May Also Like
Unbiased Testing. Unbeatable ResultsFeb 22, 2024
Unbiased Testing. Unbeatable ResultsFeb 22, 2024
Your Everywhere Security guide: Four steps to stop cyberattacksFeb 27, 2024
Your Everywhere Security Guide: 4 Steps to Stop CyberattacksFeb 27, 2024
API Security: Protecting Your Application's Attack SurfaceFeb 29, 2024
A screen displaying many different types of charts and graphs to show what data is being analyzed.Cybersecurity Analytics