Ransomware has dominated the cyber security threat landscape over the last 18 months and is expected to do so for some time to come. Start the ‘what if’ conversation in your organisation today, and you will be empowering your team to not only survive but thrive in today’s cyber threat landscape.
It would be dishonest to pretend that ransomware attacks are entirely preventable. But, as with any business risk, the ransomware threat can be managed and mitigated with the right knowledge and tools.
In rare cases, as with other types of cyber attack, ransomware may be beyond what reasonable, affordable commercial controls can defend against if the malware exploits zero-day vulnerabilities and comes from highly resourced state-sponsored actors or foreign intelligence services.
However, most ransomware campaigns come from ‘Ransomware as a Service’ providers which are not highly targeted and seek to exploit already-known vulnerabilities. That means a diligent and prepared defender is nearly always able to prevent them from succeeding, or to recover from them if the worst happens.
An organisation with defences in place will go a long way in addressing those harder-to-prevent attacks, because it is ready to take the steps to limit the impact.
How PGI can support your organisation to mitigate the ransomware threat
The best response to the ransomware threat is achieving a good balance between preventative measures that reduce the likelihood of a successful attack, and resilience/continuity measures that ensure that your organisation is positioned to withstand the ‘worst case’ scenario of an attack. Our cyber security specialists can assess your current measures to identify weak points and drive improvement.
Educate your workforce
The majority of reported cyber attacks (around 90%) begin with a successful phishing campaign, so it is important to ensure your people are educated about the threat. Think about commissioning or running your own phishing exercise – data from these exercises can be invaluable in understanding your level of risk and acting to mitigate it effectively.
Our Phishing Vulnerability Assessments will provide your team with a real-world scenario that will enable your business to assess how vulnerable your workforce is.
Wider cyber security education will also provide your workforce with key insights that will help them manage their own digital footprint and activities.
Assess your overall security maturity
Understanding how well your organisation is prepared to handle cyber risks will help you prepare your defences. Our consultants can help you measure the effectiveness of any security measures your organisation has already rolled out and identify where you need to invest more time and resources, based on your organisation’s risk profile and appetite.
Assess your IT infrastructure and technical security measures
A ransomware vulnerability investigation takes an adversary’s mindset approach and reviews your technology choices, connectivity, and exposed attack surfaces. This helps to determine potentially viable attack paths for ingress of ransomware so that these can be protected, defences reinforced, or the paths blocked altogether before they are exploited.
A configuration and build review and periodic vulnerability scanning and penetration testing will help protect your computers and servers from known attacks, by identifying weaknesses in configuration and patching, so that the exposed attack surface can be minimised, reducing the likelihood of a ransomware attack succeeding.
Assess your supply chain security
While your organisation’s cyber security might be sufficient, cyber criminals may take advantage of suppliers with a weaker cyber security posture who represent an exploitable ‘back door’ entry into your own IT infrastructure. This is particularly relevant if any of your suppliers have been given remote access to your network.
PGI’s Information Security specialists can review your supply chain and associated processes and procedures. By looking at the controls your suppliers have in place, we can assess whether they match your organisation’s requirements and risk appetite. The assessment will also review your incident response and business continuity plans to ensure your supply chain can remain robust in the event a supplier is breached.
Many think only of data coming into the organisation, in the form of web content and emails, as a ransomware risk; but western governments’ concerns over the security of Huawei products and the recent SolarWinds incident remind us that a threat actor’s pathway into an organisation can be very different, such as software.
Implement and test an incident response plan
An effective incident response plan will address many aspects of cyber risk and will play a major role in limiting the damage caused by a ransomware attack. Incident response planning will help you understand how well your organisation is positioned to act in response to a successful attack. Ideally, your incident response capability should be tested by running an exercise (such as a tabletop exercise) to calibrate how well your team might respond in a genuine crisis.
Why choose PGI to help you defend your organisation
PGI has years of experience helping clients recover from ransomware attacks and protect themselves effectively. Our cyber security specialists will help you achieve operational resilience cost-effectively by:
Helping you understand what matters most to you and what your key risks are. Understanding your operational requirements and the aspects of your business that would be most impacted by a ransomware attack is an important first step in ensuring your organisation has appropriate security measures in place.
Helping you implement proportionate security measures. If you only implement the security measures that you need, as opposed to a blanket approach, not only will they be more cost-effective, but you’ll be able to maintain them more effectively in the long term.
Helping you prepare for the worst. Breaches will happen. It’s how swiftly and effectively you respond that will make the biggest difference.