“Why does ransomware continue to be such a serious threat?” is probably the question our cybersecurity experts are asked most often.
Ransomware remains a threat in part because many companies are not making security and prevention a priority. There are several reasons that organisations may not be prioritising security. When we talk to our clients, the main reason they give for the lack of preparation is that security and ransomware prevention is expensive. However, the alternative is often so much more expensive.
According to Cisco, in 2021, 65% of Australian SMBs suffered a cyber incident in the last 12 months. 90% of those same businesses estimated that they faced severe operational, financial and legal consequences, as a result of only an hour of downtime. When asked about the financial costs of an incident, 64% said the impact was more than $700,000 (USD500,000), and 33% said it was more than $1.4 million (USD1 million).
While the cost of security might seem high, it’s very clear that the cost of an attack is much higher – not only in financial, but also in operational, reputational and legal costs. When you weigh the cost of security against the cost of an attack, you can see that it is worthwhile to invest in as much security, planning and prevention as you can afford.
Although it takes effort and thought on an organisation’s part, prevention is the best way to reduce the risk of a ransomware attack. For any business in operation today, it’s not a matter of if you will face a ransomware attack, it’s just a matter of when.
Fortunately, there is a lot that your organisation can do to protect your data from ransomware.
A holistic approach to ransomware
The best approach to ransomware is an all-business approach. Everyone across your company has a role to play in protecting your assets and information from ransomware and other cybersecurity threats.
Here are the main reasons ransomware attacks succeed:
- Human error: a major factor, contributing to 95% of all breaches. Whether this is the result of people not following best practices, weak authentication or not being aware of the risks, the outcome is the same.
- Application vulnerabilities: weak configurations and unpatched internet-facing applications are another area of risk for many organisations.
- Emerging attack vectors: new risks arrive on the landscape through new attack vectors. For example, supply chain attacks seek to gain access to their targets not directly but by exploiting tools or systems that the targets use.
Why are ransomware attacks still taking place?
In our work with clients over the years, blueAPACHE has identified four key factors that hold organisations back from the level of security that would truly mitigate their risk for a serious ransomware attack.
- Organisations are failing to identify the true nature of cybersecurity risk at the highest levels. There needs to be a focus at both board and C-level, and ideally, a senior executive charged with a whole-of-organisation ransomware protection, mitigation and recovery strategy.
- The appropriate level of risk identification and impact analysis is not occurring, so adequate funding is not budgeted for the measures needed to harden security.
- The culture of the business enables risk: controls and policies are not strictly followed or enforced. For instance, passwords are not regularly changed and multi-factor authentication is not deployed.
- Simple steps to manage and control what software runs on your network – for instance by means of Application Whitelisting – are not taken as they are seen to be too hard.
Debunking the biggest myth in ransomware protection
There is a prevailing perception that good cybersecurity is too expensive for most organisations to bear. While that may have been the case in the past, advancements in service models and technology have made it possible for any business to afford strong cybersecurity.
Training staff on cybersecurity awareness and procedures is inexpensive and straightforward. It’s also not too expensive to conduct yearly or bi-yearly security assessments, determine where you are compared with where you want to be, and set benchmarks to measure your progress. It’s also important to make sure all applications are up to date and secured with strong configurations.
To get a sense of what is appropriate to spend on cybersecurity, it helps to track your security expenditures and put them into context. Create an Annual Loss Expectancy report and then compare that to the cost of the security solutions you need.
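A worked version of that comparison, added here as an illustration and not blueAPACHE's own method or tooling: it uses the standard formula ALE = SLE × ARO (single loss expectancy times annualised rate of occurrence) and checks whether each control's yearly cost is lower than the loss it removes. Every scenario, likelihood and cost below is a constructed sample; only the USD 500,000 impact figure echoes the survey threshold quoted earlier.

```python
from dataclasses import dataclass

@dataclass
class Scenario:
    name: str
    sle: float           # single loss expectancy: cost of one incident (USD)
    aro: float           # expected incidents per year with no new control
    aro_after: float     # estimated incidents per year once the control is in place
    control: str
    control_cost: float  # yearly cost of the control (USD)

def ale(sle: float, aro: float) -> float:
    """Annual Loss Expectancy = SLE x ARO."""
    return sle * aro

def ale_report(scenarios):
    """Return one row per scenario, best net benefit first."""
    rows = []
    for s in scenarios:
        before = ale(s.sle, s.aro)
        after = ale(s.sle, s.aro_after)
        net = (before - after) - s.control_cost  # loss avoided minus spend
        rows.append({
            "scenario": s.name, "control": s.control,
            "ale_before": before, "ale_after": after,
            "net_benefit": net,
            "justified": net > 0,  # False: control costs more than it saves
        })
    return sorted(rows, key=lambda r: r["net_benefit"], reverse=True)

# Constructed sample inputs (assumptions, not figures from the article).
SCENARIOS = [
    Scenario("Ransomware outage", 500_000, 0.25, 0.0625,
             "Application whitelisting + MFA", 40_000),
    Scenario("Phishing-led credential theft", 80_000, 0.5, 0.25,
             "Staff awareness training", 10_000),
    Scenario("Unpatched internet-facing app", 200_000, 0.125, 0.0625,
             "Managed patching service", 15_000),
]

if __name__ == "__main__":
    for r in ale_report(SCENARIOS):
        verdict = "worth funding" if r["justified"] else "review scope or cost"
        print(f'{r["scenario"]:32} ALE {r["ale_before"]:>9,.0f} -> '
              f'{r["ale_after"]:>9,.0f}  net {r["net_benefit"]:>+9,.0f}  {verdict}')
```

A negative net benefit does not mean the risk can be ignored; it means the estimate, the control's scope or its price needs another look before the spend is approved.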
If you are not sure how to assess your current security posture and employee awareness and training, or how to produce an Annual Loss Expectancy report, you can take a security assessment with a trusted cybersecurity provider, like blueAPACHE.
You can leverage our expertise to help discover where you are currently in your security journey. We can help you create a roadmap to harden your security and get your company to the level of security you need. Plus, we can do it all at an affordable, predictable monthly price that is easy on your budget.