Ram is the CEO of Sygnia, a global cyber security consulting and incident response company, trusted by leading organizations worldwide.
Ransomware attacks are not just a technological threat but also a significant business risk. To confidently face these factors and the current cybersecurity environment, it’s critical that teams at various levels across your organization know what their roles are as well as what questions they’ll be expected to address in the event of an attack.
As leaders, we have a responsibility to our employees, shareholders and customers to uphold business continuity and persevere through a crisis. We must do much more than simply comply with regulations and fiduciary responsibility; we must also set up our teams and organizations to navigate in troubled water. This is a core value of a business leader.
As the cyber landscape is evolving, so, too, are the roles of executives and boards of directors in the event of an attack. For public companies, a March 2022 proposal by the U.S. Securities and Exchange Commission aimed to “enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by public companies.” This change is already happening, and as a result, we’ll continue to see cyber resiliency take rising priority on board agendas as its importance expands across the enterprise.
It’s now common knowledge that every business is a target, and the impacts are real: Verizon’s 2022 Data Breach Investigation Report found that ransomware attacks increased by 13% in the past year—an increase as large as the past five years combined, the report said. A report by Allianz Group shows that the threat of “cyber incidents” is the top corporate concern for executives. Analysis from Check Point researchers might reveal why this is so; the cost of downtime, recovery, remediation and legal fees could be seven times greater than the ransom itself.
The solution is not about acquiring the shiniest tools; it is about how well organizational teams work with them to prevent, detect and plan for inevitable attacks. Effective cyber resilience strategies require a team effort across the enterprise, working in lockstep with security teams, to identify valuable assets, formulate response plans and ensure business continuity is maintained in the event of a breach.
Threat actors are opportunists. They will always try the path of least resistance before exploring more complex methods of breaking in. But they are getting smarter and increasing both the complexity and sophistication of each attack. Staying ahead of the curve requires a holistic cyber resilience strategy that evolves with the changing ransomware landscape.
Deploy key defense strategies to contain and mitigate future attacks.
Even if your technical team assures you that industry best practices are in place, businesses should deploy three key defense strategies to successfully contain and mitigate future attacks.
1. Leverage your control of the terrain.
There is no way to know where the next attack will come from, but there is one certainty: When it happens, it will occur on a company’s own assets, whether they are remote, on-premises or in the cloud. Networks are increasingly dynamic, particularly as technology has modernized at warp speed to adapt to remote work and the cloud during the pandemic era.
It’s critical then for enterprises to periodically conduct security assessments of network and infrastructure in a methodical manner to ensure you’re positioned to take control of your digital terrain. While in the past we could review our assets every few years, now, with the dramatically increasing dynamicity of systems and software, the timeframe has been shortened to months.
2. Invest in incident response readiness.
Cyber threats are an ever-present, inevitable part of our modern lives, and preparing to confront them with minimal impact on employee morale, customer satisfaction and business continuity is a core responsibility for leaders. Crisis readiness of your systems, networks and organizational culture is critical for the survival of your business. In the spirit of the belief that cybersecurity is everyone’s job across the enterprise, you must commit the necessary resources to create a business that is ready to face the shifting risk landscape and even more demanding challenges that undoubtedly lie ahead.
The first hours following a cyberattack are critical, and it’s essential that your organization’s board and executive, legal, security and communications teams are primed to spring into action immediately following its detection. It starts with a proactive investment in cyber readiness, followed by putting the practice, training and an incident response plan into action.
An optimal incident response plan should encompass key aspects, such as internal and external communications channels. Your plan should also clarify the roles key groups—from the CISO to legal counsel to forensics to public relations—should play to ensure a coordinated, rapid response.
3. Remember that practice makes prepared.
Readiness is not the sole burden of the IT team. Organizational leadership plays a critical role by guiding investments in readiness tools and training teams on responding during a cyber crisis. This can be best accomplished by performing realistic cyber war games that recreate the tension and dilemmas faced during an actual cyber event and explore the human side of cybersecurity as well as the perception biases that often occur when executives are faced with potential threats.
At the technical level, businesses must fully stress test their systems with “purple teaming” exercises that combine the organization’s systems resilience (“red team”) and security team (“blue team”) response. Combining these efforts will allow organizations to focus on ransomware readiness and increase the chances that, in real time, the company’s defenses and technical teams will play the right role when the organization is under attack.
Following these three strategies will give organizations a sound blueprint to better manage dangerous cybersecurity threats as well as effectively manage any potential crisis with minimum disruption to the business. Beyond that, it will also enable them to boost their overall cyber resiliency in an increasingly uncertain world.
Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?
Read the full article here
