Intelligent CIO Middle East Issue 88 | Page 77


• Staffing shortages among security and IT teams: It’s no secret that you must have individuals with the right skill sets on your team to support monitoring and risk mitigation efforts to combat cybercrime effectively. Yet data shows that the cybersecurity skills gap presents an ongoing challenge for CISOs: how to attract and retain new talent while ensuring current team members get the necessary training and upskilling opportunities.
Latest ransomware attacks to learn from
Ransomware continues to get nastier and more expensive, impacting companies in every industry and geography. While most of us recall recent high-profile ransomware attacks involving companies such as Colonial Pipeline and JBS, countless other ransomware incidents occur that don’t make the national news. However, many ransomware attacks can be prevented by applying strong cyberhygiene practices – including offering ongoing cyberawareness training for employees – and focusing on implementing Zero Trust Network Access (ZTNA) measures and endpoint security.
Five ransomware protection best practices
Effective ransomware detection requires a combination of education and technology. Here are some of the best ways to detect and prevent the evolution of current ransomware attacks:
1. Educate your employees about the hallmarks of ransomware: Security awareness training for today’s workforce is a must and will help organisations guard against an ever-evolving array of threats. Teach employees how to spot signs of ransomware, such as emails designed to look like they are from authentic businesses, suspicious external links and questionable file attachments.
2. Use deception to lure (and halt) attackers: A honeypot is a decoy consisting of fake repositories of files designed to look like attractive targets for attackers. You can detect and stop the attack when a ransomware hacker goes after your honeypot. Not only does cyberdeception technology like this use ransomware’s own techniques and tactics against itself to trigger detection, but it uncovers the attacker’s tactics, tools and procedures (TTP) that led to its successful foothold in the network so your team can identify and close those security gaps.
3. Monitor your network and endpoints: By conducting ongoing network monitoring, you can log incoming and outgoing traffic, scan files for evidence of attack (such as failed modifications), establish a baseline for acceptable user activity and then investigate anything that seems out of the ordinary. Deploying antivirus and anti-ransomware tools is also helpful, as you can use these technologies to whitelist acceptable sites. Lastly, adding behavioural-based detections to your security toolbox is essential, particularly as organisations’ attack surfaces expand and attackers continue to up the ante with new, more complex attacks.
4. Look outside your organisation: Consider taking an outside-the-network view of the risks posed to an organisation. As an extension to security architecture, a Digital Risk Protection (DRP) service can help an organisation see and mitigate three additional areas of risk: digital asset risks, brand-related risks, and underground and imminent threats.
5. Augment your team with SOC-as-a-Service if needed: The current intensity we see across the threat landscape, both in velocity and sophistication, means we all need to work harder to stay on top of our game. But that only gets us so far. Working smarter means outsourcing specific tasks, like incident response and threat hunting. This is why relying on a Managed Detection and Response (MDR) provider or a SOC-as-a-Service offering is helpful. Augmenting your team in this way can help to eliminate noise and free up your analysts to focus on their most important tasks.
While the volume of ransomware isn’t slowing, numerous technologies and processes are available to help your team mitigate the risks associated with this attack. From ongoing cybereducation programs to strengthening ZTNA efforts, we can keep crafty attackers at bay.
Aamir Lakhani, Cybersecurity Researcher for Fortinet’s FortiGuard Labs
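
The decoy-file idea in practice 2, combined with the file scanning and baselining from practice 3, can be sketched as follows. This is an added example, not code from the article or from Fortinet; the decoy file names, their contents and the 7.5 bits-per-byte entropy threshold are assumptions chosen for illustration.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

# Constructed decoy names and content (assumptions); real decoys should mimic local naming.
DECOYS = {
    "payroll_2024.csv": b"employee,iban,salary\n" * 200,
    "vpn_passwords.txt": b"placeholder decoy content\n" * 200,
}

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; encrypted data approaches 8.0."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def plant_decoys(root: Path) -> dict:
    """Write the decoys and return the baseline manifest {name: sha256}."""
    manifest = {}
    for name, body in DECOYS.items():
        (root / name).write_bytes(body)
        manifest[name] = hashlib.sha256(body).hexdigest()
    return manifest

def check_decoys(root: Path, manifest: dict, threshold: float = 7.5) -> list:
    """Compare the directory with the baseline; return sorted (file, finding) alerts."""
    alerts = []
    for name, digest in manifest.items():
        path = root / name
        if not path.exists():
            alerts.append((name, "missing"))  # deleted or renamed
        elif hashlib.sha256(data := path.read_bytes()).hexdigest() != digest:
            kind = "modified-high-entropy" if entropy(data) > threshold else "modified"
            alerts.append((name, kind))
    for path in root.iterdir():  # files nobody planted: renamed copies, dropped notes
        if path.name not in manifest:
            alerts.append((path.name, "unexpected"))
    return sorted(alerts)

def demo() -> list:
    """Simulate tampering in a temporary directory (constructed scenario)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        manifest = plant_decoys(root)
        (root / "payroll_2024.csv").write_bytes(os.urandom(4096))  # stands in for encryption
        (root / "vpn_passwords.txt").rename(root / "vpn_passwords.txt.locked")
        return check_decoys(root, manifest)
```

No legitimate user has a reason to touch a decoy, so any alert from `check_decoys` is worth investigating; the high-entropy finding separates bulk encryption from an ordinary edit.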