CISOs must work smarter to beat ransomware

The changing nature of ransomware attacks means that CISOs everywhere must innovate if their organisations’ operations, and those of customers, are not to be seriously affected.

 

This was one of the conclusions of a new global survey of IT decision makers conducted by Venafi, a developer of machine identity management solutions. Its findings reveal that 74% of senior IT professionals are so concerned about new extortion tactics that they believe ransomware should be considered a matter of national security.

 

Venafi said its data takes on a new urgency in light of the recent advisory from the UK’s National Cyber Security Centre (NCSC), Australian Cyber Security Centre (ACSC), Federal Bureau of Investigation (FBI), National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) detailing the growing risks posed by ransomware. Extortion tactics mean that ransomware defense strategies focused on data protection are no longer effective, it concluded. Organizations, it said, need a more robust and innovative ransomware security program to protect against risks.

 

The survey found that:

  • Almost a fifth (18%) of victims paid a ransom but still had their data exposed on the dark web
  • Almost 1-in-10 companies (8%) refused to pay the ransom, and the attackers then tried to extort their customers
  • More than a third (35%) of victims paid the ransom but were still unable to retrieve their data
  •  

“Ransomware attacks have become much more dangerous,” said Kevin Bocek, vice president of business development and threat intelligence at Venafi. “They have evolved beyond basic security defenses and business continuity techniques like next-gen antivirus and backups. Organizations are unprepared to defend against ransomware that exfiltrates data, so they pay the ransom, but this only motivates attackers to target new victims. The bad news is that attackers are following through on extortion threats, even after the ransom has been paid. This means CISOs are under increased pressure because a successful attack is much more likely to create a full-scale service disruption that affects customers.”

 

Threat actors are constantly evolving their attacks to make them more potent, and it is time for the cybersecurity industry to respond in kind, added Bocek: “Ransomware often evades detection simply because it runs without a trusted machine identity,” he noted. “Using machine identity management to reduce the use of unsigned scripts, increase code signing and restrict the execution of malicious macros is vital to well-rounded ransomware protection.”

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on whatsapp
Share on email

Discussion

Responses

Your email address will not be published. Required fields are marked *

Founding Corporate Sponsor:

Media & Analyst Partnerships:

Contact

Membership & administration

forum co-founder

International Events Manager

© Copyright 2021. Business Innovation Leaders Forum. All Rights Reserved. | Privacy Policy

SIGN UP TO ACCESS

Please enter your details below to access this content.

  • This field is for validation purposes and should be left unchanged.

THANK YOU FOR YOUR INTEREST IN THE BUSINESS INNOVATION LEADERS FORUM

TAKE ADVANTAGE OF OUR FREE TRIAL MEMBERSHIP THROUGH TO 30th september 2023

We would like to send you more information about membership so please fill in your details below, and we will get in touch shortly. Meanwhile you can click the link below to explore the forum further.

BE INSPIRED TO INNOVATE!

RECEIVE OUR

Book of the Month*

The Serendipity Mindset: The Art and Science of Creating Good Luck

By Dr Christian Busch
Serendipity is an aptitude for making desirable discoveries by accident. To other people it looks like “good luck”, but it is more the ability to recognise and seize an opportunity, rather than have good fortune thrust upon one. Finding a wallet stuffed with money on the conference room floor is good luck, whereas holding it up and asking if anyone has lost their wallet might be the beginning of a valuable friendship – that would be serendipity.

Chance encounters, or strokes of fortune, feature in countless stories of business success. This book looks beneath the surface, reveals and teaches the mindset that can transform pure chance into opportunity. The author is director of the Global Economy Program at New York University’s Center for Global Affairs, and a lecturer at the London School of Economics.

Serendipity is an aptitude for making desirable discoveries by accident. To other people it looks like “good luck”, but it is more the ability to recognise and seize an opportunity, rather than have good fortune thrust upon one. Finding a wallet stuffed with money on the conference room floor is good luck, whereas holding it up and asking if anyone has lost their wallet might be the beginning of a valuable friendship – that would be serendipity.

The author says “This is a book about the interactions of coincidence, human ambition and imagination”. In the above example: finding the wallet is the coincidence; ambition is the desire to make something of the discovery; add imagination and you open up a whole menu of possibilities: from spending spree to earning a reputation for honesty – or even making a wealthy friend.

Business is typically forged on human ambition and imagination, but early success often feeds an appetite for control – and “control freaks” can be blind to the opportunities thrown up by the unexpected. They only see chance events as distractions. If plans go awry, they may blame the failure on “bad luck” rather than admit their own inflexible attitude.

The author himself admits to being “a German who is used to planning” and prone to feel anxious when something unexpected happens. That makes him an ideal teacher, because he has worked hard to discover and analyse the mindset that enables one to “connect the dots” and cultivate serendipity. He presents a goldmine of examples from science, business and life where an apparent mishap or failure lead to a breakthrough.

Indeed, studies suggest that around 50% of major scientific breakthroughs emerge as the result of accidents or coincidences. A well-known example is Alexander Fleming’s discovery of penicillin, launching the whole field of antibiotics. Other examples include X-rays, nylon, microwave ovens, rubber, Velcro, Viagra and Post-it Notes – where would we be without these!

The book goes beyond the ability to recognise and respond to opportunities in chaos, but the subtitle – The Art and Science of Creating Good Luck – is actually a bit misleading. True, he does show ways to develop better fortune, but it would be better to call it “inviting” or “encouraging” good luck. For example, he suggests better ways to start a conversation with a stranger – ways that will make it more likely to lead to chance connections or shared interests.

The publishers may have chosen the word “creating” to make the book appeal to the human desire to control – for control freaks are exactly the readership that would benefit the most from this book’s wisdom and practical advice.

For the rest of us, it offers a great way to rediscover the sense of play that is so important in life – and too often lost in business.

 

“Following the success of The Serendipity Mindset hardback, a paperback edition has also now been launched under the title “Connect the Dots”.

How to upload a file

This website uses cookies to ensure you get the best experience on our website More info.