Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

5/27/2021
05:40 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Axio Helping Organizations Protect Themselves Against Ransomware

New features include actionable and targeted recommendations to secure organizations from ransomware events.

NEW YORK--May 26, 2021--Axio, the leader in risk management software, announced the expansion of its free Axio360 Ransomware Preparedness Assessment tool. In light of recent cyber attacks at Colonial Pipeline and other critical infrastructur­e operators, Axio has released an updated version of its tool that helps leaders illuminate the gaps in their cybersecurity posture that directly cause increased susceptibility to ransomware attacks. Users can leverage these insights within Axio360 to accurately quantify the financial damage that could occur to drive more comprehensive cyber risk management.

“Ransomware is a top concern for business and government leaders as cyber criminals become more sophisticated with big-game-hunting ransomware that destroys enterprise backups, blackmails victims with public leakage of exfiltrated data, and paralyzes critical systems and infrastructure,” said David White, President and Co-Founder of Axio. “Leaders must assume that they will experience a ransomware event at some point during their tenure. It’s imperative for these leaders to understand their security gaps to prioritize improvements and investments, while also analyzing the financial impacts stemming from ransomware for overall cyber risk management and transfer through insurance.”

The assessment tool was developed based on guidance from the National Institute of Standards and Technology (NIST), the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and Axio’s Cyber Research Team that has analyzed thousands of real-world ransomware events.

The Axio360 Ransomware Assessment Tool helps users quickly assess and prepare for a ransomware event irrespective of industry, organization size, and geography. The tool helps security teams:

  • Prioritize and focus on the most critical security controls to prevent, contain, and limit the ransomware blast radius
  • Map their programs to the most recently published guidance from the DHS and the FBI in response to the Colonial Pipeline ransomware attack
  • Track and manage the implementation of program improvements through the Axio360 platform
  • Establish benchmarking, which allows an organization to see how they compare against their peers
  • Publish comprehensive reports of program maturity and effectiveness for other executive stakeholders, including the C-Suite and Boards of Directors.

The output of the Axio360 Ransomware Preparedness Assessment will be accepted as supplementary evidence in support of cyber insurance applications. For more information on how to secure your organization and improve your cyber risk management, access all of Axio’s free tools here: https://learn.axio.com/free-tool.

In addition to the Ransomware Preparedness Assessment Tool, Axio provides comprehensive risk quantification capabilities and insurance stress testing, allowing security leaders to fully understand the corporate impact of cyber events, through the lens of financial modeling.

About Axio

Axio is the leader in SaaS-based risk management software, which empowers security leaders to build and optimize security programs and quantify risk for better investment prioritization and decision-making. Since 2013, Axio has been a trusted partner of the world’s leading critical infrastructure, manufacturing, and financial services organizations. Axio360 is the only risk management platform designed to align security leaders, business leaders, executives and Boards of Directors around a common set of benchmarks, performance metrics, and shared understanding of the most critical corporate risks.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
What the FedEx Logo Taught Me About Cybersecurity
Matt Shea, Head of Federal @ MixMode,  6/4/2021
Edge-DRsplash-10-edge-articles
A View From Inside a Deception
Sara Peters, Senior Editor at Dark Reading,  6/2/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-34682
PUBLISHED: 2021-06-12
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
CVE-2021-31811
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-31812
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-32552
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.
CVE-2021-32553
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.