Ransomware has dominated the cybersecurity news agenda in recent months, following a spate of high-profile attacks against critical infrastructure.
Ransomware’s evolution in terms of scale has been staggering; in 2015 the global cost of ransomware attacks was estimated at $345 million – this figure is predicted to reach $265 billion by 2031.
With the rapid acceleration of digitisation across all sectors, ransomware has become a board-level issue due to the operational, financial and reputational threat it poses to organisations across all industries.
Though a knowledgeable cyber security partner will help manage risk to the business through its digital channels, there are also key steps boards should be taking to protect their organisations:
- Improve communication with your experts
A continued two-way flow of critical security information prevents the board from becoming disconnected from the operational reality of cyber security and its ongoing threats. Appoint a board member who can be accountable for cyber risks and implement regular briefing meetings between this board member and the cyber security team. Access to these people and data associated with their roles will enable timely and effective decision making should the worst happen.
- Ensure your teams have identified your critical assets and have assessed your ability to protect and recover them, if needed, from a ransomware attack
Your critical assets, whether a payment system, Operational Technology environment or client database, enable your business to operate. If your business is processing card payments and your core payment platform is taken offline by a ransomware attack, the damage to your organisation will be significant on several fronts. By focusing budget and effort on your critical assets first you can protect, or at least plan to quickly recover, the core parts of the business.
- Implement and test a ransomware-focused incident response plan
It is also important that every organisation has a plan in place in the event that a major incident does happen, and this must include a specific ransomware-focused incident response plan. It is just as vital to review and test, as far as possible, your ability to bring the business back online and operational again with minimal disruption as it is to prevent an incident in the first place.
The chances of becoming a victim (or repeat victim) of a ransomware attack have increased significantly over the last 12 months, but there are a lot of ways that businesses can reduce this risk. Given our greater digital dependency, with more staff working remotely and online, and the increased sophistication of attacks, the impact of a ransomware attack could be much greater. However, a successful attack is not inevitable and there are a range of measures that businesses and internal boards can, and should, take to reduce both the likelihood of becoming a victim and/or the impact should defences fail.
If you’d like to know more and protect your business, our Board Level Ransomware Briefing whitepaper sets out the key issues that boards need to be aware of and outlines the steps to take to reduce the risks associated with any potential attack on your organisation.