By Simeon Tassev, MD and QSA at Galix
It is no secret that ransomware attacks are on the rise – the remote working, post-pandemic world has lent itself to an increase in both the velocity and profitability of cyberthreats. This goes hand in hand with a growing awareness of the threat, and greater publicity of breaches thanks to a renewed focus on data privacy. The threat of a cyber war hangs in the air, as data has become a global currency, and multinational corporations have issued warnings that businesses with links to the US may be under threat. Dealing with the threat requires a multi-layered approach to security that has been tailored to the needs of an individual business.
Not new, but accelerating
None of this is new, but the number of attacks being perpetrated and the speed at which they are executed are both accelerating. Trends show that there has been a substantial increase in cybercrime over the past two years, and this can be linked to an increasingly digital world and the rise of cryptocurrencies, which mean that a successful breach is more profitable than ever.
There have also been a few successful counterattacks, the most notable of which was the recent collaboration between the US and Russian authorities, where Russia dismantled ransomware crime group REvil at the request of the United States. The bottom line is that cybercrime is highly profitable with few real consequences or risks for attackers. So, what can businesses do to protect themselves from this growing threat?
Many layers make for greater success
The approach to protection remains the same, with multiple layers of protection needed to deal with the various threat elements. Proactive and reactive measures, different levels of risk management, and technologies and controls can all be built into a solid security foundation.
This includes technology to protect against the various angles of ransomware, from endpoint protection at the device level to email security that detects spam, infected links and infected attachments and prevents them from being opened. Data protection and management solutions are important to ensure data is safeguarded and remains available. There is also advanced threat protection that analyses network traffic, as well as next-generation tools incorporating artificial intelligence and machine learning. Frameworks like NIST and SASE can be utilised for data, identity and access management and for incorporating zero trust policies.
One size does not fit all
While there are many tools and frameworks available to assist, not all of these solutions are applicable to every business. Some generic controls are required by all organisations, but the key is that every organisation will have its own risks and its own risk appetite, which differ based on the size and nature of the organisation. Each will therefore have a different risk profile, which is the basis upon which a security solution must be built. Even within an individual organisation, there are higher-risk systems, mission-critical assets, and people who will require various levels of access to each of these.
Technology vendors will also have recommendations based on their technology, but again, this is not a one-size-fits-all solution, and is particular to their specific offerings. It is essential to perform a comprehensive risk assessment at the outset, as the base on which to develop a modern approach to cyber protection. This will then inform the best practices, frameworks and solutions that should be implemented to align with and adopt a more secure approach.
Ultimately, the best approach to modern cyber protection is to find a solution that works for your business, which is where your security partner comes in. They can help you develop the right solution for you, based on risk appetite, business needs, applicable legislation and more. Any successful solution starts with a strategy, based on an assessment of the environment, to create a risk-based approach with the relevant preventative and reactive controls in place. There is no ‘one size fits all’ approach to modern cyber protection.