Taming Ransomware
Security breaches usually entail more recovery efforts than acts of God.Unlike proverbial lightning, breaches of security can be counted on to strike twice unless the route of compromise has been shut off ‰- FedCIRC
This
comment, though it sounds bit ridiculous comes from none other than Federal Computer Incident Response Center (FedCIRC), a part of the US Homeland Security. It in a way gives a nutshell perspective on how difficult it is to restore the lost digital sanity of those affected by security threats like ransomware.
Clearly, 100% digital security SLA is a utopia and the custodians of the digital security -the CISOs, CIOs and CTOs, often times were caught unaware leading to reputational damage and data breach.
Before delving into some best practices, let’s decode what is ransomware for the sake of getting a context. Experts say: “Ransomware is any type of malicious software that is designed to block access to a computer system until the desired sum of money known as ransom is paid. There are various channels through which ransomware could land on the system. The most common ways include phishing email, USB, network or website compromise. Once ransomware is executed on a system it encrypts the data, renders files inaccessible, presents a ransom note and asks the user to pay a ransom.”
Many companies still have a reactive approach to security and hence they struggle to bounce back when they fall victim to ransomware or any other data breach. What is needed is a complete rethink of the security processes and practices that enable one to deploy a security policy that is in sync with the threat landscape and is pro-active and not reactive. Managing and mitigating ransomware and other security threats call for a multi-pronged approach. It’s not just about technology only – a policy-driven approach is needed. Security has to be managed through an eco-system where each element is in sync with others and creates a proactive infrastructure.
Experts say that Cybersecurity is a critical area for CIOs and CISOs and assumes paramount importance. With the continuing proliferation of technology, it is extremely important to build a highly effective cybersecurity landscape that is capable of safeguarding businesses from sophisticated attackers.
Experts also expect the security vendors’ strategy to undergo a fundamental shift with tangible deliverables becoming part of SLAs. Today, the spotlight is on vendors and the security offerings they sell should come with a high degree of trust, and even after having a security suite, and enterprise falls prey to ransomware, then they lose credibility and trust deficit comes in.
Clearly, 100% digital security SLA is a utopia and the custodians of the digital security - the CISOs, CIOs and CTOs, often tiems were caught unaware leading to reputational damage and data breach.