How are you dealing with the continued prevalence of ransomware attacks?

Security Strategy & Roadmap Backup & Disaster Recovery Threat & Vulnerability Management

2.7k views4 Upvotes5 Comments

Sort By:

Oldest

Founder/Chairman/CTO in Telecommunication2 years ago

The risk assumption that I operate on is that things are broken, you just don't know how. So how do you plan defense responses, and even detection and mitigation that is reflective of that fact. You won’t be able to solve everything, but how do you make sure your fence is built tall enough from a discovery and prevention standpoint? And how do you operate on the assumption that you're going to get breached? That stuff will happen, so you have to plan ahead. It’s dark, but it feels more resilient.

I saw this incredible write up from one of the Log4j maintainers on what it's like to be someone who's been volunteering their time to support code that powers half the internet, and then get yelled at all at once by everyone on the internet. It sucks when you think it through, of course. That's terrible. But for some reason, we're not planning ahead for that type of thing. And assuming that there will be swings and roundabouts that are uncomfortable for us to deal with, we need to try to ring-fence however we can.

1 Reply

VP, Director of Cyber Incident Response in Finance (non-banking)2 years ago

I've been part of an open source group maintaining software before, and I don't think I ever thought about what the impact would be if somebody found a vulnerability in the code I produced. I can't imagine the vitriol the Log4j maintainers must have faced from all corners. It has to be hard for them as people who thought they were just doing good for the community.

SVP in Finance (non-banking)2 years ago

You have to build resiliency. That's the conversation: you have to make sure there's a resiliency plan in place as you're designing new architectures, or deploying new technologies. Oftentimes the ransom has to be paid just to ensure the attackers do not disclose data. If they’re recoverable, the company can recover from their backups and be fully operational. But even if there is no major impact in terms of operations, the business still has to pay the ransom because of the potential consequences of a data leak.

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

Peer Discussions and Polls
One-Minute Insights
Connect with like-minded individuals

Network & Security Section Head in Telecommunication2 years ago

We started implementing Zero Trust approach.

Vice President of Information and Security in Manufacturing2 years ago

We have a Strategy in place to implement Zero Trust and are partnering with multiple 3rd party partners to support our Strategic Security Program.

Content you might like

We are a large manufacturing company with over 17,000 associates, about half of whom have company-provided cell phones. We average two lost devices per week, which seems low, but executive management is concerned and wants to know if our numbers are typical compared to other companies. My questions are: 1. Do other companies also struggle with lost or stolen devices? 2. What is the average number of lost devices per week? 3. Are there repercussions for associates who lose devices due to carelessness or negligence?

Mobile Device Management (MDM)Mobile Devices Security+2 more

VP of IT in Retail3 days ago

My previous organization implemented a strict one-strike policy for lost or damaged devices. While the first incident was considered an accident, repeat offenders were required to reimburse the company for the lost or damaged ...read more

82 views1 Comment