The Growing Threat of Ransomware

The Cybersecurity Midwest Summit 2022, hosted by CDO Magazine and ComSpark, focuses on the diversity of the cybersecurity landscape through insightful sessions. The session “The Growing Threat of Ransomware” features the following panelists as they discuss ransomware threats, trends, and impact.

  • Will McGuire, CISO/Cybersecurity Manager, Vernovis
  • Tom Scarborough, SVP and Senior Director, Extended Security Program, Fifth Third Bank
  • Brandon Lavine, Manager, Information Security, The Gorilla Glue Company
  • Drew Perry, Chief Information Security Officer, Serta Simmons Bedding

Michael Fulton, Senior VP of Business Solutions at Vernovis, moderates the session.

In the opening statement, Perry shares that rather than erasing the data, ransomware now obstructs business and financial transactions directly.

Of the approximately 20,000 incidents covered in the Verizon report for 2022, 20 percent were breaches, says Lavine. "Four out of the five breaches are from external individuals," he continues. Additionally, 82 percent of breaches result from the human component.

Expressing his opinion, Scarborough says that the introduction of ransomware as a service is a significant factor in the growing threat. He claims that because of this, the barrier has been significantly removed, enabling greater public participation.

Vernovis has an advanced vendor management program, says McGuire. According to him, the third-party evaluation aids in understanding the organization's present level of cybersecurity and how it relates to residual risk.

Perry claims that the global pandemic has a part to play in the changing attack surface. McGuire goes a step further and argues that leaders' actions can at times hinder the incident response. He believes that maintaining composure in the face of a threat is the greatest virtue.

“The important thing is to get as much information as you can so that way, it feeds what you have to do to try to slow it down from happening again or to contain it as quickly as possible,” affirms McGuire. He emphasizes knowing the visibility of your user landscape.

Due to the shift in trend, shares Scarborough, threat actors occasionally attack data first, without encryption. “They just take the data and leverage that to try to entice or force you to pay,” he adds.

Next, Scarborough states that maintaining separate immutable backups is one of the best practices when dealing with ransomware. He additionally urges organizations to carry out all testing and exercises related to that recovery.

For the panelist, it is crucial to prevent malware from entering the ecosystem through proper detection. In case an attack happens, he suggests organizations detect in time to minimize impact.

Furthermore, Scarborough highlights the need to promote awareness and education across the organization.

He mentions that Fifth Third Bank conducts phishing exercises as a part of its robust program around security awareness.

Lavine mentions knowing third-party risk management and basic cyber hygiene as essential. Perry turns it around and says that likelihood and impact ultimately determine the outcome of risk assessment. He asserts, “Risk is a combination of how likely is it to occur and what the impact is if it occurs.” 

The next speaker shifts focus to asset management and understanding critical assets.

McGuire states, “Reducing exposure and likelihood to ransomware is a journey. It is a multi-step process, and you must have a strategy before you can do it.” He reinforces that user security is just as important as organizational security.

In conclusion, Lavine states that organizational communication is the key, along with a good incident response strategy that involves the entire business in practicing the procedure.
