CS Jul-Aug 2023
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
ansomware<br />
WHY BEING AGILE MATTERS WHEN<br />
IT COMES TO A RANSOMWARE ATTACK<br />
STEVE USHER, SECURITY SERVICES MANAGER, BROOKCOURT SOLUTIONS, OFFERS HIS EXPERT INSIGHTS<br />
Over the course of the last few years,<br />
we have witnessed too many highprofile<br />
companies being featured<br />
in the media who have fallen victim to<br />
ransomware demands. In that moment,<br />
as a business leader, what are your first<br />
thoughts? Imagine for that moment what it<br />
might be like if your organisation was hit by<br />
an attack - would you be ready?<br />
Ransomware attacks are one of the most<br />
significant and rapidly evolving threats in<br />
the cybersecurity landscape. The damage a<br />
ransomware attack can cause to a business<br />
doesn't bear thinking about. The financial<br />
loss, data loss and operational disruption<br />
will all take a toll on the overall reputation<br />
of an organisation.<br />
For senior management, understanding<br />
how and why ransomware attacks happen<br />
is incredibly complex, especially without<br />
knowledge of vulnerabilities, code or a clear<br />
view of the methods, motivations and<br />
current activities of cybercriminals.<br />
In a recent example, a senior security<br />
analyst joined top executives from a Fortune<br />
500 company. He joined the meeting cold,<br />
not knowing what to expect, and was able<br />
to eloquently conduct a live review of threat<br />
intelligence, using the latest technology.<br />
The client struggled to comprehend the<br />
level of detail and how exposed the<br />
business actually was, leading to a greater<br />
understanding and hence the security<br />
posture was elevated.<br />
The threat of ransomware is constantly<br />
evolving and we need to always remain<br />
'threat aware'. It's a game of cat and mouse<br />
where we may often only learn from being<br />
exposed. However, our true strength comes<br />
from how we recover with agility. We need<br />
to educate business leaders to understand<br />
the threat will always be there. There is no<br />
escape; regularly reviewing your security<br />
posture and investing in your cyber security<br />
is paramount to protect your business,<br />
stakeholders and your data.<br />
Here's the five-point plan for better<br />
resilience:<br />
1. Rapid Response: Time is of the essence<br />
in mitigating the impact of a ransomware<br />
attack - helping businesses understand the<br />
key next steps to identify and contain the<br />
attack, minimise its spread and prevent<br />
further damage. Delayed response can lead<br />
to increased data loss, extended downtime<br />
and higher financial costs for the affected<br />
organisation<br />
2. Adaptive Solutions: Ransomware attacks<br />
constantly evolve, with new variants and<br />
techniques emerging regularly. Being ready<br />
to adapt tools, techniques and approaches<br />
to counter an evolving threat is paramount,<br />
having access to the latest threat intelligence,<br />
developing new detection and<br />
prevention mechanisms to help business<br />
with effective solutions to combat the<br />
specific ransomware strain they are facing<br />
3. Collaboration and Information Sharing:<br />
Through active collaboration and information<br />
sharing with relevant stakeholders,<br />
including customers, industry peers,<br />
law enforcement agencies, we can<br />
foster a collaborative environment,<br />
pool resources, share insights and<br />
collectively respond to ransomware attacks<br />
more effectively<br />
4. Incident Management and Recovery:<br />
Helping business to adopt a well-defined<br />
incident management process in place to<br />
handle ransomware attacks. This includes<br />
coordinating with customers, providing<br />
guidance on containment, facilitating<br />
communication and helping organisations<br />
return to normal operations as quickly<br />
as possible, as well as ensuring regular<br />
backups, including tests are put in place<br />
as part of on-going process<br />
5. Continuous Improvement: By analysing<br />
attack patterns, post-incident reviews and<br />
lessons learned from every ransomware<br />
incident, we can refine better solutions<br />
for businesses to update their procedures<br />
and enhance their overall cyber resilience<br />
against future attacks.<br />
www.computingsecurity.co.uk @<strong>CS</strong>MagAndAwards <strong>Jul</strong>y/<strong>Aug</strong>ust <strong>2023</strong> computing security<br />
11