Ransomware: What Is the Threat? How To Prepare?

The Cybersecurity Midwest Summit 2022, hosted by CDO Magazine and ComSpark, focused on various aspects of cybersecurity threats, including ransomware. In this session, the following panelists discuss “Ransomware: What Is the Threat? How To Prepare?” 

  • Mark Jeanmougin, Certified Instructor, SANS

  • Bryan Holmes, Vice President, Digital & Technology Solution, Andelyn Biosciences

  • Michael Oglesby, Area Vice President, Specialty Sales Engineering, Rubrik

Craig Manahan, the Senior Sales Engineer at Rubrik Inc., moderates the session.

Jeanmougin begins the discussion by stating that, in comparison, ransomware threats were fewer in 2022, giving enterprises time to get ready for the next attack. Against this inference, Holmes adds that threat actors might be one step ahead of every layer of organizational protection. He advises firms to concentrate on their risk posture to secure the areas before everything is exposed.

According to Holmes, the keyword is mitigation. He says that one approach to avoid being taken down at the enterprise level is to control exposure across the organization.

Oglesby offers the following suggestions to lessen ransomware attacks:

  • Dismantle silos — Security and IT must have no barrier

  • Organizations must begin sharing data.

  • Pay attention to the bottom line rather than emphasizing the top-down.

“The first step to preparing, mitigating, remediating, and being resilient against it is having the organizations get closer to working together,” Oglesby says. He adds that companies must operate in a way that prevents them from going out of business.

Once threat actors get through the defenses, they start commercializing all available data, Oglesby notes. He recommends organizations think of creative ways to demonetize data.

Elaborating, Jeanmougin states, “Defenders tend to start thinking at one point and go to the next point. The attacker tends to think in a graph.”

Holmes advises renouncing the email mentality as a potential solution, noting that doing so will boost organizational security and efficiency. He affirms that pinning user experience and security together will improve work efficiency.

It boils down to application control, says Jeanmougin. “Our issue is we have malicious code, unauthorized code, running on our endpoints. This comes down to how we control what is being executed on our endpoints,” he shares.

In response, Holmes says that identifying identity behavior is the key. “We should focus on what each identity is doing and where it is going. And then you can start to break down those walls.”

Oglesby states that organizations still need to remember the fundamental concept of testing for prevention. He describes understanding the data — what data you have and where it is — as essential for prevention.

Oglesby further mentions that although credit card PIIs are generally regulated, there are no fraud protection measures when using ACH for wireless transfers.

For Holmes, detection — how quickly you can detect something and then step in and stop it from going further — is the first step in prevention. 

In conclusion, Jeanmougin uses the report on the Maersk attack as an illustration. According to Holmes, it is an example of a successful attack and recovery.

CDO Magazine
www.cdomagazine.tech