The cyber threat landscape is fast-paced and ever-changing. It is now relentless, hyperactive, and rampaging through every network causing colossal damage. Ransomware has been making headlines and is a topic of discussion in every boardroom. Despite the current threat landscape and the fact that cybersecurity risk is a top concern for every CEO and IT leader, very few corporate leaders provide ransomware-specific security training. This article at Cybersecurity Dive by Samantha Schwartz speaks about how to mitigate ransomware attacks.
How to Mitigate Ransomware
Ransomware has increased its reach from individual to network-wide attacks, extorting an exorbitant ransom for service restoration and data decryption. An annual survey by Black Kite of 250 CISOs found that more than half of them were targets for ransomware in 2021. Meanwhile, more than two-thirds expect at least one ransomware attack this year. Everyone in the organization must adhere to robust ransomware defense practices, irrespective of their position. Theo Zafirakos, CISO of Terranova Security, says, “Businesses must take acceptable and calculated risks each day — the same applies to cybersecurity.”
Strategies to Mitigate Ransomware
Bad actors know how to exploit loopholes in systems and human behavior. Therefore, training your employees regularly on security processes, ransomware awareness, and reporting malicious messages is essential.
Even with advanced technologies available, the basics that an organization and its employees adhere to matter more for corporate safety. Applying multifactor authentication to accounts that have access to sensitive and confidential information is crucial. Furthermore, it is advisable to implement patch management strategies based on publicly available proof-of-concept exploits and recent vulnerabilities. According to Tenable’s analysis, ProxyLogon, ProxyShell, and PrintNightmare remained the top attack vectors last year due to their potential to persist with forgotten vulnerabilities alongside other well-publicized ones.
A powerful ransomware ring, REvil, was pursued by U.S. and international law enforcement last year. They recovered part of the funds paid by Colonial Pipeline as ransom. There will likely be an increase in public enforcement involvement in business incident response this year. After many high-profile attacks, being a ransomware victim is no longer a stigma. It further indicates that businesses and law enforcement will work more closely in the future.
To read the original article, click on https://www.cybersecuritydive.com/news/ransomware-prevention/617966/