Intelligent CIO Europe Issue 59


The cyber landscape is continually changing, but over the last few years the growing ransomware threat has remained constant. CISOs are no longer engaging in occasional firefighting exercises to combat ransomware, but instead dedicating significant resources to the ongoing practice of protection and prevention. That mindset change is because ransomware is big business for sophisticated cybergangs; it’s now a billion-dollar industry, with the costs for unexpected victims set to exceed $250 billion in the next 10 years.

Hackers have developed a successful business model, comprising networks of thousands of cybercriminals, for whom ransomware is a full-time job. These highly intricate and rehearsed groups proactively seek vulnerabilities in businesses of all sizes almost 24/7 and use a wealth of resources to cause serious damage.
Despite this, most organisations’ approach to defence isn’t consistent with the reality that cyberattacks are inevitable, and that needs to change. Too many take an apathetic attitude towards cybersecurity, with a large number of companies having no remediation plan in place to reduce the number of days of downtime they could face following an attack. That inaction could prove hugely costly when the inevitable does happen. A company with a £100 million turnover, for example, could lose £274,000 per day during an outage in the aftermath of a ransomware attack.
So, how do CISOs protect their businesses against this tried and tested business model? Well, they need to start with an outlook shift: cyberattacks should be deemed inevitable, but breaches are preventable.
CISOs should take the lead from the defence sector and implement ‘military grade’ defences that both cut the impact of possible attacks and empower businesses to get back online in days rather than months. As attackers up the stakes and gain momentum from successfully securing ransoms, military grade protections focus on removing vulnerabilities by preparing for when the inevitable happens, not if it happens.
Those protections have recovery plans at their heart and should be considered mission-critical for enterprises too, given the importance of data to their day-to-day operations. More often than not, they’re founded on the 30/30/30 rule, which is a great model to adopt. Often when an attack strikes, there is a scramble to decide what needs to be salvaged. Instead, knowing what needs to be recovered in 30 minutes, 30 days and 30 weeks can mitigate potential chaos and save data that is essential to keeping the business going.
There’s more at stake than the financial impact – customer data, business brand and ultimately its reputation, which undoubtedly will impact the future of the business. Tackling and breaking the ransomware business model must be at the core of a CISO’s defence strategy. It is no small ask, but as cybergangs lay the groundwork for carefully orchestrated attacks, we all need to be ready.
