At a fairly recent conference for financial institutions that was offering open, candid discussions and interactive training for cybersecurity leaders in attendance, ransomware was THE hot topic. In fact, this rising attack type merited a half day of training that involved numerous three-letter agencies.

Illena Armstrong

The reasons for this are simple. As SC Media journalists this month reveal in various stories focused on these rising and increasingly costly attacks, ransomware is fast becoming a lucrative business for the cybercriminals who leverage it. According to Business Insider, ransomware attacks yield about $25 million in revenue for cybercriminals each year.

Indeed, many industry experts believe these attacks are proving the canary in the coal mine for the more intense and wide-sweeping attacks to come. One CISO noted that attackers are graduating from targeting larger, private companies that have quietly paid ransoms and then made moves to bolster their security controls, end-user awareness training, data backup strategies and disaster recovery plans, and instead are setting their sights on more public municipalities and government targets.

As such, the question of whether to pay a ransom that impacts the running of a city and its interactions and services for citizens is becoming a more open and public debate. And, it seems, a majority of the public, as we share in one of our stories this month, are really not down with seeing their towns, cities and states paying off the bad guys. While many experts and security leaders alike agree paying a ransom is a viable option, others argue this will lead to still greater problems – attackers might not unlock files or may strike again.

Beyond these problems, there can be wider implications in choosing to pay, one long-time cybersecurity expert told me. A huge issue is the lack of knowledge about the identities of the attackers, he said. The problem, based on his experience, is that the boodle seized in many of the more lucrative attacks is funding terrorist groups and their physical onslaughts.

Whatever the impacts, ransomware and those wielding these malware attacks have become an exigent security issue for us all. The range, costs and frequency of these attacks and their damage are predicted only to grow. And while backups are a key component of any recovery plan, they’re only a part of the solution. A robust incident response and disaster recovery strategy is key, along with ongoing maintenance of security controls. Consistent end-user awareness training helps, too.

Peer groups – from government-sponsored ones such as ISAOs, ISACs and InfraGard to private P2P groups – also are key. There is nothing like getting together with like-minded practitioners to openly talk through challenges, strategies and solutions, while gathering still more intel and advice from the law enforcement and government groups that support them.