Why Are Businesses Still Falling Victim To Ransomware?

A recent survey determined that 80 per cent of organisations were victims of ransomware attacks in 2021, and more than 60 per cent of the businesses paid the ransomAs these figures have become all too common, it is important to look at why businesses still find themselves at risk of ransomware attacks.

Industry expert and ex-FBI cyber crime Supervisory Special Agent Jason Manar, now Chief Information Security Officer at Kaseya, addresses the following questions

Despite the vast amount of data security information available, why do businesses continue to find themselves vulnerable to ransomware attacks?:      

Attackers prey on employees, as well as those that have access to the company’s systems using social engineering and phishing techniques. Additionally, many bad actors combine these tactics by using social media platforms to obtain additional information about their victims. To combat ransomware attacks, businesses need to provide ongoing end users with security training to ensure they don’t become the company’s weakest link. In addition to the human factor, organisations should have security tools in place that baseline the network and limit administrative access, even at the local level. It’s also critical to stay on top of patching. 

What can companies do to improve their security systems and proactively combat ransomware?   

Proactive measures companies can take include instituting educational programmes, implementing a regular patching policy, limiting administrative accounts, provisioning administrative users, and auditing administrative accounts. It’s equally important to have appropriate security tools in place, and to avoid running on legacy or unsupported systems. Additionally, organisations should run regular security and pen tests, and enact a strong password security policy which enables multi-factor authentication (MFA) and ensures lengthy, complete passwords. In addition, companies need to keep browsers up-to-date to prevent adversaries from installing keyloggers. Offline backups should also be standard practice with a system in place to determine how often these are done. 
 
Paying ransom goes beyond the money, it’s also about business suspension and reputational damage if the attack becomes public knowledge. How do you educate organisations about the risks?

Unfortunately, there are too many worst-case scenarios where companies have lost everything, and they then go out of business. I can share examples that have not been publicised of people repeatedly saying, “we’re going to get to it,” and then put off implementing ransomware preventative measures, which inevitably leads to having to deal with the dire consequences of the attack. Developing and implementing robust security policies and guidelines is fairly simple, as well as cost effective. By taking these actions, companies can mitigate risk in the event they are intruded upon.
 
What advice would you give to a CFO?

Any C-Suite member should have security top-of-mind and understand that the lack of security in an organisation is one of the most existential threats that an institution faces that could potentially lead to immediate dissolution of the company. 

The CFO should meet regularly with the company’s CISO or security leader to understand the top threats and vulnerabilities facing the organisation, and jointly make decisions about security funding that are aligned with the highest risks and impact. 

What advice would you give to a CIO?

The one-piece of advice would be to overcommunicate and collaborate with the CISO. The primary responsibility of the CIO is to ensure the functionality and continuity of IT operations. Equally important to the CIO’s primary duties are to ensure they keep a security-first mindset. This is important as it may seem easier for the IT team to institute policies, which lean more to convenience vs. security.  

What advice would you give to a CEO? 

“Where you lead, they will follow,” meaning every security policy that is in place for employees are also there for the CEO, and everything starts from the top down. People are going to scrutinise every action, or lack thereof, that the CEO makes regarding their own personal security practices. If a CEO doesn’t participate, typically there won’t be a security-first culture within that organisation. As CEO, you need to show employees that you take cybersecurity seriously. This means doing the cybersecurity training like everyone else and engaging with both the security team and employees, so they see you are engaged. It’s important to set an example so that employees see that meeting the requirements and standards set forth by the company are a top priority.

Unfortunately, the rewards for cybercriminals have become greater than the risks. To this end, they are continually developing new and innovative ways to leverage inherent network infrastructure weaknesses.

To lessen the impact of ransomware attacks and subsequent payments, organisations must remain vigilant and take proactive measures such as securing the network and prioritising cybersecurity training for all employees. 

Jason Manar is Chief Information Security Officer at Kaseya.

You Might Also Read:

Building a Threat-Ready Ransomware Response Plan:

 

« CISA Reports No Significant Attacks On US Elections
International Fraud Awareness Week: Every Individual Has A Part to Play »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

AtkinsRéalis

AtkinsRéalis

AtkinsRealis is a market-leading design, engineering and project management consultancy operating in fields ranging from infrastructure, through energy and transport to cybersecurity.

IONU Security

IONU Security

IONU offer a security platform focused specifically on providing Data-centric Security.

Information Network Security Agency (INSA) - Ethiopia

Information Network Security Agency (INSA) - Ethiopia

INSA's vision is to realize a globally competent National Cyber capability which plays a key role in protecting the national interests of Ethiopia.

Asseco Group

Asseco Group

Asseco Poland stands at the forefront of the multinational Asseco Group. We are a leading provider of state-of-the-art IT solutions in Central and Eastern Europe.

Momentum Cyber

Momentum Cyber

Momentum Cyber provides world-class M&A and strategic advice combined with unparalleled senior-level access to the Cybersecurity ecosystem.

ACPL Systems

ACPL Systems

We offer leading-edge technology solutions, expert professional and managed services and proven methodologies to ensure your data is protected and business risks are reduced.

AngelList

AngelList

AngelList champion startups and the people who empower them. Search tech & startup jobs, find new tech products, and invest in startups.

Early Birds

Early Birds

Early Birds is a Business to Business (B2B) marketplace for Innovators (Startups/Scaleups) and Early Adopters to exchange value early on.

Injazat

Injazat

Injazat Data Systems is an industry recognized market leader in the Gulf region for Information Technology, Data Center and Managed Services.

RiskXchange

RiskXchange

RiskXchange's cybersecurity risk rating solution helps businesses solve complex cybersecurity and compliance challenges by providing a 360-degree view of your cybersecurity posture.

Cybaverse

Cybaverse

Cybaverse (formerly North Star Cyber Security) was founded to create the perfect blend of a Managed Security Service Provider (MSSP) and a Cyber Security Consultancy in one.

CornerStone

CornerStone

CornerStone is an award winning, independent risk, cyber and security consulting firm providing a range of Risk Management, Security Design and Implementation Management Services.

Hexagon

Hexagon

Hexagon is a global leader in digital reality solutions. We are putting data to work to boost efficiency, productivity, quality and safety.

Institute for Applied Network Security (IANS)

Institute for Applied Network Security (IANS)

For the security practitioner caught between rapidly evolving threats and demanding executives, IANS Research is a clear-headed resource for decision making and articulating risk.

Aim Security

Aim Security

Aim empowers enterprises to unlock the full potential of GenAI technology without compromising security. GenAI makes business better - Aim makes GenAI secure.

RIIG Technology

RIIG Technology

Our mission is to empower organizations with high-quality, verifiable data and advanced intelligence solutions, ensuring robust security and effective risk management.