DRIVING DIGITAL VIGILANCE
Ransomware Resilience Assessment
Ransomware attacks are on the rise.
Regardless of how big your business is, its structure or which industry you’re in, ransomware is a real threat and the impact for unprepared organisations can be colossal. For some, it can even be terminal.
After the USA, the UK is the second most targeted country, recording 14.6 million ransomware attacks. The cost of the attacks is also increasing: the average cost of remediating a ransomware attack has more than doubled in the last 12 months.
Are you ready?
Remember any of these?
- 2017 Maersk – NotPetya (Supply Chain) | Ransom not paid | $250Mn to $300Mn cost to recover – Source: Forbes
- 2021 Colonial Pipeline Co – Darkspace (RaaS) | $4.4Mn ransom paid – Source: Bloomberg
- 2021 Kaseya July 4th 2021 – REvil | $70Mn ransom demand – Source: ZDNet
In the first half of 2020, there were 121.4 million ransomware attacks worldwide. The first half of 2021 has recorded 304.7 million ransomware attack attempts making this the worst year on record.
Cyber Threat Report – SonicWall
Ransomware is a type of malware (malicious software) that covertly encrypts your data, stopping you from accessing it and then demands payment for “safe” recovery. However:
- recovery is not guaranteed
- and confidentiality is certainly not guaranteed either. Your data will most likely be stolen and could be sold or made publicly available
Ransomware is designed to not just hold your organisation’s data ransom, but also to stop you, your customers and suppliers from accessing your systems – essentially stopping your business in its tracks. One of the reasons it’s such a significant threat is that it is designed to impair your ability to recover both your systems and your data.
Being properly prepared is the best defence against ransomware. Building your cyber posture as robustly as possible will of course increase your resilience and reduce the risk, but steps need to be taken to ensure that, if there is a breach, its impact and disruption are minimal.
Identifying weaknesses in your cyber security defences that ransomware threat actors can exploit, and preparing your organisation for recovery in the event of a successful attack, is paramount.
Ransomware Resilience Assessment
Our Ransomware Resilience Assessment helps your organisation protect against and respond to ransomware attacks by examining 11 key security aspects. We then, as standard, provide you with a security improvement plan including identified weaknesses, recommendations and corrective actions, and a high-level roadmap of prioritised recommendations to help you prepare, secure, detect and respond to ransomware events.
Our service helps your organisation protect against and respond to ransomware attacks by examining 11 key security aspects, including:
- Cyber security objectives and policies
- Access and Authentication Management
- Network and Endpoint security
- Security monitoring
- Phishing defences
- Vulnerability management
- Employee education and awareness
- Backup and Recovery
- Business Continuity & Disaster Recovery (BCDR) Scenarios and Plans
- Incident Response Planning, Preparation and Review
- Supply chain controls
- Identifies security weaknesses
- Provides prioritised corrective actions to improve effectiveness
- Provides a ransomware readiness indication for your business
- Allows training and education needs to be planned in line with highest risk
- Identifies policy improvement
- Supports identity and access management planning
- Highlights where suppliers’ security posture is misaligned with yours
- Provides clarity on configurations to meet best practice
- Identifies corrective action to strengthen response capability and reduce impact
- Collaborative workshops, interviews and assessments
- Assesses your current security policies’ effectiveness against ransomware
- Reviews effectiveness of your security auditing, monitoring and detection capabilities
- Identifies shortfalls in user education and awareness
- Reviews supplier cyber security posture in the context of your business
- Assesses security configurations against best practice security guidelines
- Highlights improvements within your existing incident response capabilities
Build a Solid Foundation to Protect Against Ransomware
In our experience, ransomware defence is founded on clear direction and support from senior management, coupled with robust and comprehensive security practices and supported by effective incident detection and response capabilities. We can support the development of your cyber security defences through hardening systems, attack surface identification and reduction, protection of sensitive data, and responding to and recovering from an attack.
Read how we helped Digital Health & Care Wales become more resilient to ransomware attacks here:
Speak to a consultant.
If you have any concerns at all about your organisation’s ability to withstand a ransomware attack, contact our team today for an initial discussion.