Concern about ransomware attacks is felt by all. With no easy remedy in sight, the continually evolving ransomware threat requires cybersecurity leaders to strengthen defences and make life harder for threat actors. We explore how operationalising validation and optimisation with a continuous security assurance process offers the best strategy for organisations.
2021 – the year of Ransomware
Arguably, ransomware was by far the top cybersecurity threat on everyone’s minds in 2021. News stories on successful ransomware attacks were everywhere, from Colonial Pipeline, which took down critical US infrastructure, to Kaseya, a combined ransomware/supply chain attack that took down over 1500 companies in a single attack.
A 2021 global ransomware resiliency survey commissioned by Cymulate revealed:
- All organisations, regardless of size, have a 1-in-4 chance of being hit by ransomware.
- One-third of organisations were hit by ransomware over the last few years: 23% of smaller businesses (1-1,000 employees), 27% of mid-size (1,001-5,000) and 23% of large enterprises (20,000+).
- Everyone is a target; no region of the world or industry has not been victim to substantial ransomware attacks.
- More than half of respondents – whether previously hit by ransomware or not – don’t feel confident they can fend off a ransomware attack with their current security measures.
It is no wonder considerable anxiety over future attacks affects nearly everyone, whether they’ve experienced a ransomware attack or not. So, what is the best way to keep ransomware at bay?
Keep ransomware at bay with a continuous security assurance process
With no easy remedy in sight, the continually evolving ransomware threat requires cybersecurity leaders to strengthen defences across people, processes, and technology to make life harder for threat actors. A continuous security assurance process offers the best way to understand and visualise risk and how to mitigate it, by replacing assumptions with testing and quantified traceable measurements.
With this framework, you can reduce your level of risk by establishing a security posture baseline and tracking it over time; optimise your cybersecurity investments, solutions, and processes; scale your effort as required; and prove the value of your cybersecurity spending.
Step 1 – Assess
The first step is to assess your current state to understand the efficacy of the security controls, penetration paths, drift, and overlap. Once the baseline is set, the cybersecurity discussion becomes data-driven and fact-based. From then on, there’s no more room for assumptions. Everyone – executives, the CISO, the SOC, blue and red teams – gets a clear picture of the current security posture and how susceptible you are to breach.
Step 2 – Optimise
Next, it’s time to maximise your security posture, shore up gaps and misconfigurations, and optimise your security controls. By doing so, you reduce risk and protect against evolving threats.
Step 3 – Rationalise
Now you can rationalise your technology, people and processes to eliminate overlapping solution features and reallocate funds to cover exposed areas.
Step 4 – Assure
The final step is to assure improved operational effectiveness and prevent security drift with assurance testing. There are countless validation methods from Continuous Automated Red Teaming (CART) and Breach and Attack Simulation (BAS) to Advanced Purple Teaming.
Concern about ransomware is felt by all, and the result of fear is increased budget and resources invested in improving security posture management. But, in order to be beneficial, these improvements need to be in direct proportion to the company’s current priorities and challenges. Implementing a continuous security assurance process enables you to leave hypotheses and heuristics in the past and move forward to a fact-based, empirical discussion on cybersecurity.
How ready is your organisation for a ransomware attack?
Quickly, accurately, and safely assess your enterprise with a free Ransomware Assessment.