How are you dealing with the continued prevalence of ransomware attacks?
Sort By:
Oldest
VP, Director of Cyber Incident Response in Finance (non-banking)2 years ago
I've been part of an open source group maintaining software before, and I don't think I ever thought about what the impact would be if somebody found a vulnerability in the code I produced. I can't imagine the vitriol the Log4j maintainers must have faced from all corners. It has to be hard for them as people who thought they were just doing good for the community.
SVP in Finance (non-banking)2 years ago
You have to build resiliency. That's the conversation: you have to make sure there's a resiliency plan in place as you're designing new architectures, or deploying new technologies. Oftentimes the ransom has to be paid just to ensure the attackers do not disclose data. If they’re recoverable, the company can recover from their backups and be fully operational. But even if there is no major impact in terms of operations, the business still has to pay the ransom because of the potential consequences of a data leak. Network & Security Section Head in Telecommunication2 years ago
We started implementing Zero Trust approach.Vice President of Information and Security in Manufacturing2 years ago
We have a Strategy in place to implement Zero Trust and are partnering with multiple 3rd party partners to support our Strategic Security Program.
I saw this incredible write up from one of the Log4j maintainers on what it's like to be someone who's been volunteering their time to support code that powers half the internet, and then get yelled at all at once by everyone on the internet. It sucks when you think it through, of course. That's terrible. But for some reason, we're not planning ahead for that type of thing. And assuming that there will be swings and roundabouts that are uncomfortable for us to deal with, we need to try to ring-fence however we can.