Organizations continue to suffer significant financial losses and reputational damage as a result of ransomware attacks that invade their networks and encrypt valuable data. These attacks continue to occur for several reasons, including that organizations are simply ill prepared, they do not understand their security posture in the first place, or they fail to allocate sufficient funds for the needed protections. Compounding this is the scarcity of seasoned cybersecurity professionals. There simply are not enough of us to go around. The picture is quite bleak and the corresponding statistics are astounding.
According to Sophos, in 2019, 51% of companies surveyed were affected by ransomware. By the end of 2019, companies had paid out $11.5 billion in ransomware payments. It is projected that the total payments will reach $20 billion by the end of 2020. The average ransomware demand is $178,000, largely attributable to high dollar figures in large organizations. Nevertheless, the cost to small and medium businesses is not trivial by any standard. In addition, reputational damage is increasing in frequency as hackers move to a more aggressive means to extort money from victims.
Fortunately, the technology available to fend off and protect against ransomware has improved and expanded in capability. If a comprehensive approach is taken, it is entirely possible to reduce the risk of a ransomware infection down to very low levels indeed. Since the risks cannot be entirely eliminated, proper planning will ensure that critical data assets are protected, backed up, and archived so that the harm of an infection is dramatically reduced. The trick then is to plan and execute appropriately.
For planning, Gotham Technology Group has developed a ransomware remediation assessment service that analyzes your current technology state and staff training and makes recommendations for fixing problems and improving things. The assessment examines end points, vulnerability management and patching, browsing protections, email protections, network admission control (NAC), firewall access policy, remote access, privileged account management, logging and alerting, security awareness training and incident readiness. The assessment drills down into the technology itself and into the actual product configurations.
(Note: Data storage is a special case that, due to its complexity and scope, is treated separately from the ransomware readiness assessment.)
Once the assessment discovery phase is completed and our analysts have examined the results, the client is provided with a comprehensive report that details gaps in the existing technologies and highlights improvements to be made to existing configurations. A road map is also provided that helps to prioritize addressing of gaps and programming the implementation of new security controls.
Dealing with ransomware is a necessary evil that many organizations face with great trepidation. But it does not have to be intimidating. With a well-designed plan in place, most organizations can fend off the attacks.
For additional information or to get started on an assessment, contact Gotham today.