SlideShare a Scribd company logo

Communication is Key to Addressing Ransomware and Extortion.pdf

E
Enterprise Insider

Recovery can be faster and easier if a company understands and prepares for the full impact of a ransomware attack. Leaders, however, are often unprepared, particularly regarding the critical communications required to notify and instruct all stakeholders impacted by an attack. Leaders must reconsider their approach to ransomware and extortion.

Technology
1 of 2
Download to read offline
6/21/22, 6:38 PM Communication is Key to Addressing Ransomware and Extortion https://itsecuritywire.com/featured/communication-is-key-to-addressing-ransomware-and-extortion/ 1/2 Communication is Key to Addressing Ransomware and Extortion Recovery can be faster and easier if a company understands and prepares for the full impact of a ransomware attack. Leaders, however, are often unprepared, particularly regarding the critical communications required to notify and instruct all stakeholders impacted by an attack. Leaders must reconsider their approach to ransomware and extortion. A traditional approach to a ransomware attack is generally focused entirely on a technical assessment. However, ransomware’s consequences stretch far beyond security housekeeping and a system reboot. There is sometimes a disconnect between what needs to be done and conveyed within the organization and existing incident response plans. Leaders must understand that ransomware is a business risk, not just a cybersecurity one, and they must take the appropriate actions properly to deal with any crisis. Ransomware Strategies Evolve Although ransomware has been here for a long time, the strategies and objectives of threat actors have recently evolved. They sometimes choose targets based on political considerations rather than monetary gain. Due to the ideological divide, many underground players have called for the return of ransomware threat groups to the mainstream underground and targeting entities, particularly in government, banking, and critical infrastructure industries. New Strategies Open the Door New threat actors are also bringing new ideas and methods to the table. Some attacks, for example, are more devastating than disruptive, deleting or causing damage to backups. This nullifies Plan B and makes it more difficult for a compromised target to recover. It can also harm a company’s reputation and credibility. Access to “plug-and-play” technologies, such as Ransomware-as-a-Service (RaaS) products that can be readily purchased on the Dark Web and deployed, makes life easier for threat actors. There’s also great interest in network access sales, wherein hackers sell a shortcut to a hacked network to smart and experienced threat actors for a fee. By Prangya Pandab - June 20, 2022
6/21/22, 6:38 PM Communication is Key to Addressing Ransomware and Extortion https://itsecuritywire.com/featured/communication-is-key-to-addressing-ransomware-and-extortion/ 2/2 One of the emerging flavors of ransomware is extortion, wherein threat actors launch a public, corporate disinformation campaign targeted at undermining confidence and public faith in a company. When an organization refuses to pay a ransom, threat actors directly approach individuals whose information has been stolen. As a result, companies may have to protect themselves against a broader ecosystem of stakeholders while dealing with cyber challenges and getting their business back up and running. Also Read: Safeguarding the Organization Against Ransomware and Cyber Extortion According to Accenture’s “2021 Cyber Threat Intelligence Report,” there was a year-over-year increase of 107 percent in ransomware and extortion attacks and a 33 percent increase in intrusion volume from extortion and ransomware. These increasing threats put a strain on traditional crisis management, highlighting the significance of coordinated communications and planning. Bridging the Communication Gap When all aspects of a company work together, the entire company benefits. Tabletop exercises are common among cybersecurity professionals, but they should be expanded to include executive-level exercises. This allows businesses to test their security against a ransomware attack in front of their stakeholders, simulating the intensity and risk of a “real-life” attack. An organization’s recovery can be hampered if it takes an uncoordinated first step. Companies can prevent the domino effect by defining a playbook and providing a clear plan for the entire business, directed by the C-suite. Maintaining regular cybersecurity patching hygiene processes and incorporating an intelligence-driven strategy to attack surface management and vulnerability programs are critical to averting ransomware. To be more resilient, businesses must better understand their internal reporting duties and operate in a thoughtful, transparent, and factual manner. For more such updates follow us on Google News ITsecuritywire News Prangya Pandab https://itsecuritywire.com/ Prangya Pandab is an Associate Editor with OnDot Media. She is a seasoned journalist with almost seven years of experience in the business news sector. Before joining ODM, she was a journalist with CNBC-TV18 for four years. She also had a brief stint with an infrastructure finance company working for their communications and branding vertical.

Recommended

Cyber Management vfd
Cyber Management vfdCyber Management vfd
Cyber Management vfd
Ladd Muzzy
 
True Cost of Ransomware to Your Business
True Cost of Ransomware to Your BusinessTrue Cost of Ransomware to Your Business
True Cost of Ransomware to Your Business
IndusfacePvtLtd
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...
balejandre
 
Article is your organisation ready for the next ransomware attack - paul wr...
Article is your organisation ready for the next ransomware attack - paul wr...Article is your organisation ready for the next ransomware attack - paul wr...
Article is your organisation ready for the next ransomware attack - paul wr...
Paul Wright MSc
 
Threat Lifecycle Management_Whitepaper
Threat Lifecycle Management_WhitepaperThreat Lifecycle Management_Whitepaper
Threat Lifecycle Management_Whitepaper
Duncan Hart
 
threat-lifecycle-management-whitepaper
threat-lifecycle-management-whitepaperthreat-lifecycle-management-whitepaper
threat-lifecycle-management-whitepaper
Rudy Piekarski
 
security-team-guide-reducing-operational-risk.pdf
security-team-guide-reducing-operational-risk.pdfsecurity-team-guide-reducing-operational-risk.pdf
security-team-guide-reducing-operational-risk.pdf
gokuforhelp
 
What Ransomware Taught us in 2021?
What Ransomware Taught us in 2021?What Ransomware Taught us in 2021?
What Ransomware Taught us in 2021?
MaryJWilliams2
 

Recommended

Cyber Management vfd
Cyber Management vfdCyber Management vfd
Cyber Management vfd
Ladd Muzzy
 
True Cost of Ransomware to Your Business
True Cost of Ransomware to Your BusinessTrue Cost of Ransomware to Your Business
True Cost of Ransomware to Your Business
IndusfacePvtLtd
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...
balejandre
 
Article is your organisation ready for the next ransomware attack - paul wr...
Article is your organisation ready for the next ransomware attack - paul wr...Article is your organisation ready for the next ransomware attack - paul wr...
Article is your organisation ready for the next ransomware attack - paul wr...
Paul Wright MSc
 
Threat Lifecycle Management_Whitepaper
Threat Lifecycle Management_WhitepaperThreat Lifecycle Management_Whitepaper
Threat Lifecycle Management_Whitepaper
Duncan Hart
 
threat-lifecycle-management-whitepaper
threat-lifecycle-management-whitepaperthreat-lifecycle-management-whitepaper
threat-lifecycle-management-whitepaper
Rudy Piekarski
 
security-team-guide-reducing-operational-risk.pdf
security-team-guide-reducing-operational-risk.pdfsecurity-team-guide-reducing-operational-risk.pdf
security-team-guide-reducing-operational-risk.pdf
gokuforhelp
 
What Ransomware Taught us in 2021?
What Ransomware Taught us in 2021?What Ransomware Taught us in 2021?
What Ransomware Taught us in 2021?
MaryJWilliams2
 
Understanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House CounselUnderstanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House Counsel
Adam Palmer
 
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer
 
Cybersecurity After WannaCry: How to Resist Future Attacks
Cybersecurity After WannaCry: How to Resist Future AttacksCybersecurity After WannaCry: How to Resist Future Attacks
Cybersecurity After WannaCry: How to Resist Future Attacks
Strategy&, a member of the PwC network
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromise
CMR WORLD TECH
 
MP_OneSheet_VulnThreat
MP_OneSheet_VulnThreatMP_OneSheet_VulnThreat
MP_OneSheet_VulnThreat
Katherine Johnston, CFE
 
What Every CISO Should Learn From the Target Attack
What Every CISO Should Learn From the Target AttackWhat Every CISO Should Learn From the Target Attack
What Every CISO Should Learn From the Target Attack
Booz Allen Hamilton
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
CMR WORLD TECH
 
Ransomware attack
Ransomware attackRansomware attack
Ransomware attack
kamranrazzaq8
 
10 Questions for the C-Suite in Assessing Cyber Risk
10 Questions for the C-Suite in Assessing Cyber Risk10 Questions for the C-Suite in Assessing Cyber Risk
10 Questions for the C-Suite in Assessing Cyber Risk
Mark Gibson
 
Four Ways Businesses Can Secure Themselves from Digital Supply Chain Attacks.pdf
Four Ways Businesses Can Secure Themselves from Digital Supply Chain Attacks.pdfFour Ways Businesses Can Secure Themselves from Digital Supply Chain Attacks.pdf
Four Ways Businesses Can Secure Themselves from Digital Supply Chain Attacks.pdf
Enterprise Insider
 
Cyber threat forecast 2018..
Cyber threat forecast 2018..Cyber threat forecast 2018..
Cyber threat forecast 2018..
Bolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
 
Cyber threat Intelligence Dubai - Ahad.pptx
Cyber threat Intelligence Dubai - Ahad.pptxCyber threat Intelligence Dubai - Ahad.pptx
Cyber threat Intelligence Dubai - Ahad.pptx
Ahad
 
Ransomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationRansomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and Mitigation
Maaz Ahmed Shaikh
 
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdf
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdfThe Unconventional Guide to Cyber Threat Intelligence - Ahad.pdf
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdf
Ahad
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
Mark Lanterman
 
Darktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digitalDarktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digital
CMR WORLD TECH
 
Ask the Experts final
Ask the Experts finalAsk the Experts final
Ask the Experts final
Daren Dunkel
 
Tips to Make an Incident Response Plan to Tackle Cyber Threats and Safeguardi...
Tips to Make an Incident Response Plan to Tackle Cyber Threats and Safeguardi...Tips to Make an Incident Response Plan to Tackle Cyber Threats and Safeguardi...
Tips to Make an Incident Response Plan to Tackle Cyber Threats and Safeguardi...
Ahad
 
Darktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystemDarktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystem
Austin Eppstein
 
F5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalF5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker Final
Shallu Behar-Sheehan FCIM
 
Five Essential Techniques to Prevent Data Leaks - ITSecurityWire.pdf
Five Essential Techniques to Prevent Data Leaks - ITSecurityWire.pdfFive Essential Techniques to Prevent Data Leaks - ITSecurityWire.pdf
Five Essential Techniques to Prevent Data Leaks - ITSecurityWire.pdf
Enterprise Insider
 
Dark Data Management_ Mitigating the Risks of the Invisible - EnterpriseTalk.pdf
Dark Data Management_ Mitigating the Risks of the Invisible - EnterpriseTalk.pdfDark Data Management_ Mitigating the Risks of the Invisible - EnterpriseTalk.pdf
Dark Data Management_ Mitigating the Risks of the Invisible - EnterpriseTalk.pdf
Enterprise Insider
 

More Related Content

Similar to Communication is Key to Addressing Ransomware and Extortion.pdf

Ransomware attack
Ransomware attackRansomware attack
Ransomware attack
kamranrazzaq8
 
Ransomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationRansomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and Mitigation
Maaz Ahmed Shaikh
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
Mark Lanterman
 
Ask the Experts final
Ask the Experts finalAsk the Experts final
Ask the Experts final
Daren Dunkel
 
Darktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystemDarktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystem
Austin Eppstein
 
F5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalF5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker Final
Shallu Behar-Sheehan FCIM
 

Similar to Communication is Key to Addressing Ransomware and Extortion.pdf (20)

Understanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House CounselUnderstanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House Counsel
 
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
 
Cybersecurity After WannaCry: How to Resist Future Attacks
Cybersecurity After WannaCry: How to Resist Future AttacksCybersecurity After WannaCry: How to Resist Future Attacks
Cybersecurity After WannaCry: How to Resist Future Attacks
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromise
 
MP_OneSheet_VulnThreat
MP_OneSheet_VulnThreatMP_OneSheet_VulnThreat
MP_OneSheet_VulnThreat
 
What Every CISO Should Learn From the Target Attack
What Every CISO Should Learn From the Target AttackWhat Every CISO Should Learn From the Target Attack
What Every CISO Should Learn From the Target Attack
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
Ransomware attack
Ransomware attackRansomware attack
Ransomware attack
 
10 Questions for the C-Suite in Assessing Cyber Risk
10 Questions for the C-Suite in Assessing Cyber Risk10 Questions for the C-Suite in Assessing Cyber Risk
10 Questions for the C-Suite in Assessing Cyber Risk
 
Four Ways Businesses Can Secure Themselves from Digital Supply Chain Attacks.pdf
Four Ways Businesses Can Secure Themselves from Digital Supply Chain Attacks.pdfFour Ways Businesses Can Secure Themselves from Digital Supply Chain Attacks.pdf
Four Ways Businesses Can Secure Themselves from Digital Supply Chain Attacks.pdf
 
Cyber threat forecast 2018..
Cyber threat forecast 2018..Cyber threat forecast 2018..
Cyber threat forecast 2018..
 
Cyber threat Intelligence Dubai - Ahad.pptx
Cyber threat Intelligence Dubai - Ahad.pptxCyber threat Intelligence Dubai - Ahad.pptx
Cyber threat Intelligence Dubai - Ahad.pptx
 
Ransomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationRansomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and Mitigation
 
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdf
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdfThe Unconventional Guide to Cyber Threat Intelligence - Ahad.pdf
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdf
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
 
Darktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digitalDarktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digital
 
Ask the Experts final
Ask the Experts finalAsk the Experts final
Ask the Experts final
 
Tips to Make an Incident Response Plan to Tackle Cyber Threats and Safeguardi...
Tips to Make an Incident Response Plan to Tackle Cyber Threats and Safeguardi...Tips to Make an Incident Response Plan to Tackle Cyber Threats and Safeguardi...
Tips to Make an Incident Response Plan to Tackle Cyber Threats and Safeguardi...
 
Darktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystemDarktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystem
 
F5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalF5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker Final
 

More from Enterprise Insider

More from Enterprise Insider (20)

Five Essential Techniques to Prevent Data Leaks - ITSecurityWire.pdf
Five Essential Techniques to Prevent Data Leaks - ITSecurityWire.pdfFive Essential Techniques to Prevent Data Leaks - ITSecurityWire.pdf
Five Essential Techniques to Prevent Data Leaks - ITSecurityWire.pdf
 
Dark Data Management_ Mitigating the Risks of the Invisible - EnterpriseTalk.pdf
Dark Data Management_ Mitigating the Risks of the Invisible - EnterpriseTalk.pdfDark Data Management_ Mitigating the Risks of the Invisible - EnterpriseTalk.pdf
Dark Data Management_ Mitigating the Risks of the Invisible - EnterpriseTalk.pdf
 
Tips to Overcome Integration Challenges of Modern Enterprises - EnterpriseTal...
Tips to Overcome Integration Challenges of Modern Enterprises - EnterpriseTal...Tips to Overcome Integration Challenges of Modern Enterprises - EnterpriseTal...
Tips to Overcome Integration Challenges of Modern Enterprises - EnterpriseTal...
 
Three Strategies for Fostering Teamwork in a Hybrid Setting.pdf
Three Strategies for Fostering Teamwork in a Hybrid Setting.pdfThree Strategies for Fostering Teamwork in a Hybrid Setting.pdf
Three Strategies for Fostering Teamwork in a Hybrid Setting.pdf
 
Addressing SaaS Security Challenges with Comprehensive SaaS Management - ITSe...
Addressing SaaS Security Challenges with Comprehensive SaaS Management - ITSe...Addressing SaaS Security Challenges with Comprehensive SaaS Management - ITSe...
Addressing SaaS Security Challenges with Comprehensive SaaS Management - ITSe...
 
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdfInsider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
 
Addressing Risks Associated with Extended Software Supply Chain - ITSecurityW...
Addressing Risks Associated with Extended Software Supply Chain - ITSecurityW...Addressing Risks Associated with Extended Software Supply Chain - ITSecurityW...
Addressing Risks Associated with Extended Software Supply Chain - ITSecurityW...
 
Three Key Ways OEMs Can Mitigate Their Cyber-Threat Risk.pdf
Three Key Ways OEMs Can Mitigate Their Cyber-Threat Risk.pdfThree Key Ways OEMs Can Mitigate Their Cyber-Threat Risk.pdf
Three Key Ways OEMs Can Mitigate Their Cyber-Threat Risk.pdf
 
Why MLOps is Essential for AI-enabled Enterprises.pdf
Why MLOps is Essential for AI-enabled Enterprises.pdfWhy MLOps is Essential for AI-enabled Enterprises.pdf
Why MLOps is Essential for AI-enabled Enterprises.pdf
 
Four Third-Party Risk Cyber Gaps that Businesses Need to be Aware of in 2022.pdf
Four Third-Party Risk Cyber Gaps that Businesses Need to be Aware of in 2022.pdfFour Third-Party Risk Cyber Gaps that Businesses Need to be Aware of in 2022.pdf
Four Third-Party Risk Cyber Gaps that Businesses Need to be Aware of in 2022.pdf
 
Why CISOs Need a New Approach to Enhance Attack Surface Visibility.pdf
Why CISOs Need a New Approach to Enhance Attack Surface Visibility.pdfWhy CISOs Need a New Approach to Enhance Attack Surface Visibility.pdf
Why CISOs Need a New Approach to Enhance Attack Surface Visibility.pdf
 
Indispensable Role Of CTOs and CIOs in Advancing Technological Change.pdf
Indispensable Role Of CTOs and CIOs in Advancing Technological Change.pdfIndispensable Role Of CTOs and CIOs in Advancing Technological Change.pdf
Indispensable Role Of CTOs and CIOs in Advancing Technological Change.pdf
 
How Enterprises Can Strengthen Their Threat Detection and Response.pdf
How Enterprises Can Strengthen Their Threat Detection and Response.pdfHow Enterprises Can Strengthen Their Threat Detection and Response.pdf
How Enterprises Can Strengthen Their Threat Detection and Response.pdf
 
Why Data-Centric Security Needs to be a Top Priority for Enterprises.pdf
Why Data-Centric Security Needs to be a Top Priority for Enterprises.pdfWhy Data-Centric Security Needs to be a Top Priority for Enterprises.pdf
Why Data-Centric Security Needs to be a Top Priority for Enterprises.pdf
 
Four Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdf
Four Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdfFour Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdf
Four Steps to Boosting Cybersecurity Hygiene - ITSecurityWire.pdf
 
Three Ways To Secure Cloud Migration.pdf
Three Ways To Secure Cloud Migration.pdfThree Ways To Secure Cloud Migration.pdf
Three Ways To Secure Cloud Migration.pdf
 
Five Strategies for Enterprises to Secure their Kubernetes Clusters.pdf
Five Strategies for Enterprises to Secure their Kubernetes Clusters.pdfFive Strategies for Enterprises to Secure their Kubernetes Clusters.pdf
Five Strategies for Enterprises to Secure their Kubernetes Clusters.pdf
 
Four Key Attributes of a Successful CISO.pdf
Four Key Attributes of a Successful CISO.pdfFour Key Attributes of a Successful CISO.pdf
Four Key Attributes of a Successful CISO.pdf
 
How an Inclusive C-Suite Changes Organization Perspective.pdf
How an Inclusive C-Suite Changes Organization Perspective.pdfHow an Inclusive C-Suite Changes Organization Perspective.pdf
How an Inclusive C-Suite Changes Organization Perspective.pdf
 
Strengthening Supply Chain Security Against Cyber-Attacks.pdf
Strengthening Supply Chain Security Against Cyber-Attacks.pdfStrengthening Supply Chain Security Against Cyber-Attacks.pdf
Strengthening Supply Chain Security Against Cyber-Attacks.pdf
 

Recently uploaded

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 

Recently uploaded (20)

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 

Communication is Key to Addressing Ransomware and Extortion.pdf

  • 1. 6/21/22, 6:38 PM Communication is Key to Addressing Ransomware and Extortion https://itsecuritywire.com/featured/communication-is-key-to-addressing-ransomware-and-extortion/ 1/2 Communication is Key to Addressing Ransomware and Extortion Recovery can be faster and easier if a company understands and prepares for the full impact of a ransomware attack. Leaders, however, are often unprepared, particularly regarding the critical communications required to notify and instruct all stakeholders impacted by an attack. Leaders must reconsider their approach to ransomware and extortion. A traditional approach to a ransomware attack is generally focused entirely on a technical assessment. However, ransomware’s consequences stretch far beyond security housekeeping and a system reboot. There is sometimes a disconnect between what needs to be done and conveyed within the organization and existing incident response plans. Leaders must understand that ransomware is a business risk, not just a cybersecurity one, and they must take the appropriate actions properly to deal with any crisis. Ransomware Strategies Evolve Although ransomware has been here for a long time, the strategies and objectives of threat actors have recently evolved. They sometimes choose targets based on political considerations rather than monetary gain. Due to the ideological divide, many underground players have called for the return of ransomware threat groups to the mainstream underground and targeting entities, particularly in government, banking, and critical infrastructure industries. New Strategies Open the Door New threat actors are also bringing new ideas and methods to the table. Some attacks, for example, are more devastating than disruptive, deleting or causing damage to backups. This nullifies Plan B and makes it more difficult for a compromised target to recover. It can also harm a company’s reputation and credibility. Access to “plug-and-play” technologies, such as Ransomware-as-a-Service (RaaS) products that can be readily purchased on the Dark Web and deployed, makes life easier for threat actors. There’s also great interest in network access sales, wherein hackers sell a shortcut to a hacked network to smart and experienced threat actors for a fee. By Prangya Pandab - June 20, 2022
  • 2. 6/21/22, 6:38 PM Communication is Key to Addressing Ransomware and Extortion https://itsecuritywire.com/featured/communication-is-key-to-addressing-ransomware-and-extortion/ 2/2 One of the emerging flavors of ransomware is extortion, wherein threat actors launch a public, corporate disinformation campaign targeted at undermining confidence and public faith in a company. When an organization refuses to pay a ransom, threat actors directly approach individuals whose information has been stolen. As a result, companies may have to protect themselves against a broader ecosystem of stakeholders while dealing with cyber challenges and getting their business back up and running. Also Read: Safeguarding the Organization Against Ransomware and Cyber Extortion According to Accenture’s “2021 Cyber Threat Intelligence Report,” there was a year-over-year increase of 107 percent in ransomware and extortion attacks and a 33 percent increase in intrusion volume from extortion and ransomware. These increasing threats put a strain on traditional crisis management, highlighting the significance of coordinated communications and planning. Bridging the Communication Gap When all aspects of a company work together, the entire company benefits. Tabletop exercises are common among cybersecurity professionals, but they should be expanded to include executive-level exercises. This allows businesses to test their security against a ransomware attack in front of their stakeholders, simulating the intensity and risk of a “real-life” attack. An organization’s recovery can be hampered if it takes an uncoordinated first step. Companies can prevent the domino effect by defining a playbook and providing a clear plan for the entire business, directed by the C-suite. Maintaining regular cybersecurity patching hygiene processes and incorporating an intelligence-driven strategy to attack surface management and vulnerability programs are critical to averting ransomware. To be more resilient, businesses must better understand their internal reporting duties and operate in a thoughtful, transparent, and factual manner. For more such updates follow us on Google News ITsecuritywire News Prangya Pandab https://itsecuritywire.com/ Prangya Pandab is an Associate Editor with OnDot Media. She is a seasoned journalist with almost seven years of experience in the business news sector. Before joining ODM, she was a journalist with CNBC-TV18 for four years. She also had a brief stint with an infrastructure finance company working for their communications and branding vertical.