#bciRewind | Preparing for Ransomware
#bciRewind - this content series is exclusive to BCI Members only. If you are a BCI member please login into your website profile to access the content.
From BCI World Virtual 2021 | Alex Sagovsky presented this session on non-technical steps organisations should consider to prepare for ransomware attacks. Ransomware is a growing problem: threat actors are becoming increasingly sophisticated, and are investing in their capabilities; franchise and affiliate models among organised crime groups mean the numbers of attacks is going up.
Five key areas have been identified where victim organizations regularly struggle, and where steps could have been taken to make sure they were better prepared:
- The operational response to cyber crises is often overlooked, under-prepared and under-rehearsed - now is the time to focus on the operational foundations to your cyber response.
- At a strategic level, executives have often not engaged with the full complexities of the decisions they will be required to make in a ransomware incident.
- Managing communications in the aftermath of a ransomware incident is a long-lived and complex challenge.
- Understanding the end-to-end complexities of your business, including the dependencies on middleware, is essential to effective ransomware response.
- Cyber is too often overlooked in ITDR plans - it's considered ‘the wrong type of disaster’ and hence recovery plans do not withstand the challenge of a ransomware attack.
At last year's virtual conference, Alex examined each of the above areas, identified the key issues, and proposed solutions which aim at enhancing the ability of organizations to manage Ransomware attacks.