Five Steps for Becoming Ransomware Resilient

If you aren’t worried about ransomware, you should be.

And if you are worried, you probably are not worried enough.

According to Verizon’s 2021 Data Breach Investigation Report, ransomware attacks have doubled in the last 12 months. Cybercrime Magazine, meanwhile, predicts that a new ransomware attack will occur every 11 seconds in 2021, with global financial losses topping $20 billion.

The average payout to ransomware attackers has reached $300,000, while the total cost of remediation for such attacks has reached a staggering $2 million, on average, according to a recent report in Computer Weekly.

Given the scope of these numbers, security professionals are more incentivized than ever to take steps to build a truly resilient ransomware defense.

With that in mind, let’s take a closer look at five actionable tips for hardening your defenses.

Take a “Zero Trust” Approach Toward Ransomware

The COVID-19 pandemic led to an explosion in working from home, which created almost unlimited opportunities for adversaries to exploit. Organizations have turned to VPNs for employee devices as a result, but this practice violates the Zero Trust concept, as VPNs are really access tools rather than security tools. Ultimately, replacing VPNs with Zero Trust is not only more secure, it is also more scalable and flexible.

Redouble Training So Employees Are More Alert to Danger

What do some of the worst ransomware attacks in history (WannaCry and Petya) have in common? They exploit mistakes by people. Even the most cautious and diligent people among us can be tripped up once by a link that looks almost identical to one they have clicked 100 times before. Those who are less cautious (and more numerous) are even riper for targeting. Organizations must respond by doubling down on training and develop a risk-based vulnerability management strategy that emphasizes fast patching based on effective prioritization.

Make the Savvy Tech Investments

Strong endpoint protection and continuous data backups with multiple copies in separate locations (including one that is entirely offline) are a good starting point for ransomware resilience. Yet it’s important to remember that tactics are changing, and today’s attackers often steal data as they are encrypting it for ransom. This means it is critically important to layer-in security tools that provide continuous visibility into vulnerabilities, how attackers can exploit them and the risks that such exploits pose to your most important assets.

Ensure the Right Processes Are in Place to Deal with a Disaster

A ransomware attack is likely to be an order of magnitude more challenging if you don’t have the right preparation in place. Organizations that undergo regular disaster recovery rehearsals have a decided edge over those whose plans exist solely on paper. By simulating and stress-testing organizations can ensure the right processes are in place should the worst occur.

Stress Good IT Hygiene and Take Preventative Measures

Remember the old saying “an ounce of prevention is worth a pound of cure?” This is even more relevant in cybersecurity, where it is often “game over” once a ransomware attack has been executed. Smart cyber-hygiene practices, as part of a strong and well-developed security posture, can make a critical difference in a world where attack surfaces keep getting dramatically larger and harder to defend.

How XM Cyber Helps You Become More Resilient

The XM Cyber attack path management platform continuously evaluates your security posture, analyzing attack telemetry to visualize the attacker’s journey to your critical assets. The platform highlights the key entities, assets or devices that attack paths traverse through and allow the attackers to breach the organization’s critical assets.

Based on the visibility of the attack paths, a prioritized and cost-effective remediation plan is created, where the highest risks to the organization’s security posture are set to be fixed first.

Organizations that wish to harden their defenses against ransomware can use XM Cyber to gain deep visibility into the vulnerabilities that exist and how attackers can exploit them to burrow within an environment, move laterally and target the most sensitive business assets — which can then be exfiltrated and ransomed under the threat of being sold to the highest bidder, or released publicly.

Because ransomware attacks are now frequently focused not only on encryption but theft, attack path management has become central to the battle against ransomware attacks — and no solution offers more to harden your defenses than XM Cyber.

Get a better understanding of how resilient you are to thwart a ransomware attack and the steps you can take to quickly reduce risk. How?

Read more: 


Dan Anconina is CISO and Operations Technology Leader at XM Cyber