Intelligent CIO Europe Issue 57 - Page 55


Ransomware : fail to prepare , then prepare to fail

As ransomware threats become more frequent , targeted and ruthless , Gavin Knapp , Cyber Defence Technical Lead at Bridewell , explains why business leaders cannot afford to rely on cyber insurance alone as a silver bullet .

Ransomware is now an unavoidable business issue . What started as a relatively opportunistic method of extorting money for individuals and organisations has evolved into a complex and sophisticated attack mechanism , originating from skilled human actors who will do whatever necessary to achieve their goals .

As a result , dynamics are shifting within businesses . While security teams used to vie for the attention of the board , it is now the board who are actively engaging security teams . The evolution of ransomware has brought the importance of cyber-resilience to the fore – and businesses are stepping up and increasing their security budgets in response . However , as always , more can be done . New research from Bridewell reveals that only a minority of UK critical national infrastructure organisations are implementing critical measures to protect , detect and respond to ransomware . This suggests that some businesses may be relying on reactive measures to help offset the damage caused by an attack . But as ransomware becomes more frequent , targeted and ruthless , business leaders must look beyond the not-so-silver bullet of cyber insurance alone . It pays to have a plan – and there are clear steps organisations can take now to ensure they are better protected against this unrelenting threat .
How has ransomware evolved ?
Ransomware is a threat decades in the making . Traditionally , attackers capitalised on human error to get through a business ’ defences , but the rise of
www . intelligentcio . com INTELLIGENTCIO EUROPE 55