InfoSec-Specific Executive Development for CISOs and Aspiring Security Leaders.
Live Faculty-led instruction and interactive labs to build you and your team's InfoSec skills
This piece examines the potential or estimated cost of a ransomware attack and weighs that against the option of adding a tertiary backup to the cloud as a means for ransomware recovery or response.
Reports from the last two years relating directly to ransomware costs and impact surfaced the following findings:
The Sophos report shows ransomware trends by way industries most affected. (see Figure 1).
Those findings demonstrate that all organizations are potentially susceptible, but the entertainment, technology and energy sectors are those most targeted.
Since most ransomware is paid by cryptocurrency, examining the payments to suspicious/noted ransomware cryptocurrency addresses are useful as well. In the Chainalysis Crypto Crime Report from early 2021, blockchain analysis shows the total amount paid
by ransomware victims increased by 311 percent from 2019-2020, to reach nearly $350 million worth of cryptocurrency payments (see Figure 2).
A tertiary backup scenario that replicates critical data to an offsite (usually cloud-based) data storage service may be a good insurance policy against ransomware attacks. There are several considerations if your organization is looking to add a tertiary
backup, which can include, but are not limited to:
ON-DEMAND WEBINAR: Do’s and Don'ts of Using Ransomware Brokers
A tertiary backup to the cloud could make sense depending on your organization and its risk tolerance.
However, pinpointing a wholly accurate average cost of ransomware impact is difficult. We suggest taking the following considerations into account when mulling over the option of a tertiary backup:
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in
connection with such information, opinions, or advice.
September 23, 2021
By IANS Faculty
In this piece we share insights into what security teams want to know about ransomware prevention as well as tips from our Faculty on how to prevent ransomware attacks.
September 21, 2021
Gain a better understanding of the different types of CISO reporting structures and examine reasons for having a CISO report to technical director instead of a chief information officer (CIO) or another C-level executive.
September 16, 2021
Compare traditional AD vs. Azure AD, gain an understanding of how the two tools differ from a security perspective and find advice on how to deploy them successfully.