Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, offers advice on least privilege, automation, application control and more.
The rate at which ransomware attacks occur is rapidly increasing. Not only have we witnessed the rise in the frequency of these attacks, but have also seen them evolve into more sophisticated, successful and damaging events.
The potential monetary gain from a ransomware attack is now so lucrative that many ransomware developers have established affiliate programs for their tools and expertise, offering ransomware-as-a-service (RaaS). Ransomware demands also continue to skyrocket as more than 80 percent of victim organizations admit to paying ransom demands.
While public utilities, healthcare organizations and financial institutions are some of the most frequent targets of ransomware attacks, there is no single company that is safe from becoming the next victim of a ransomware attack. Therefore, all organizations must be prepared and on high alert.
So how can organizations become more resilient and avoid becoming the next ransomware victim? First, let’s review basic best practices.
Last year, the Cybersecurity and Infrastructure Security Agency (CISA) along with the Multi-State Information Sharing and Analysis Center (MS-ISAC) collaborated to create the Ransomware Guide, which outlines recommendations