The threatscape today is a maelstrom of forces and bad actors. Organizations have never had it harder, as cybercriminals look to take advantage of every security gap to gain power and capital.
The facts are unsettling:
- According to Sophos’ annual ransomware survey, more than one-third (37%) of organizations were victims of a ransomware attack in the last year. Of these organizations, 54% say the cybercriminals were successful in encrypting their data. Only 65% of encrypted data was restored after the ransom was paid. The average bill for rectifying a ransomware attack was $1.85 million.
- Nation states are launching targeted attacks, cybercriminal groups have coordinated Ransomware as a Service (RaaS) programs, and up-and-coming criminals can now purchase out-of-the-box malicious software (malware) and watch a YouTube video to learn how to execute an attack.
Goals and challenges
We regularly discuss with our clients how effective ransomware prevention and response strategies need to have a dual focus: security and data protection. Organizations with modernized data protection infrastructure will be shielded from the most severe impacts of a ransomware attack, as they won’t necessarily lose data, experience downtime, or need to pay a ransom.
But on the frontend, a strong security program can go a long way. Cybercriminals exploit predictable vectors: primarily, end users or holes/vulnerabilities in IT environments. While a Zero Trust strategy can help protect end users and data troves, IT administrators must ensure systems are up to date and regularly patched. Recent research indicates that almost half of all companies have internal databases with known vulnerabilities, and the average vulnerable database has 26 publicly disclosed flaws.
IT leaders also need to take advantage of the latest technologies and approaches for optimizing security tools, as opposed to simply “throwing more tools at the problem.”
- Most enterprises now use up to 45 different security tools, with the average of 19 of those employed in response to a single incident, according to the most recent Ponemon study on the Cyber Resilient Organization. Yet, more than half (53%) of IT leaders aren’t sure if their security tools are working properly, and only 39% feel like they get full value from their security investments.
- Organizations with fully deployed security Artificial Intelligence (AI) and automation saw breach costs that were $3.81 million less than organizations without it. And security operations programs that use fewer security solutions are better at detecting and defending against attacks.
Lastly, organizations should tap into top security talent to achieve key objectives — and it may not be through contract or direct hire. The industry has seen considerable consolidation of such talent toward service providers like Insight Cloud + Data Center Transformation (CDCT) that have a security practice and framework for helping security practitioners continue their education, grow their skill sets, and maintain or expand their list of certifications.
The best way to stay secure
While there are no one-size-fits-all answers, there is a path nearly every organization can take that will minimize the risk of ransomware and other cyberattacks and the extent of damages.
Managed Security services by a group like Insight have been developed to help organizations manage the overwhelming amount of daily security needs and improve overall risk profile against a daunting threatscape.
Our services ensure that businesses:
- Are optimizing security tool sets like Microsoft Sentinel and other existing investments.
- Have around-the-clock monitoring of the network, systems, apps, and data.
- Understand the security environment through customized reporting and insights.
- Have the top talent in the security space working for them.
As an SOC 2 Type II-certified organization, we provide highly scalable services that leverage machine learning, automation, and intelligent detection and hunting. We coordinate with our own specialized Incident Response services team if/as needed.
Our experts can also bring learnings from monitoring and managing a business’s IT environment 24/7 to help guide strategies for effectively shoring up systems, implementing Identity and Access Management (IAM) programs, and modernizing data protection platforms.
If you’re interested in learning more, take a look at our Managed Security services solution brief or contact our team to discuss your needs. We are here to help — no matter what.