#PMP #PPM #project #Agile #cybersecurity #cryptocurrency #ai #SAFe #zerotrust #virtual #mindmap #remote #scaledagile #machinelearning
  • Welcome
  • Contact
  • Resume
  • Expertise
  • Blog
  • Books / White Papers
  • Software / Service Reviews
  • Mentoring Contact Form
  • This Week in PM
  • PM Video Series
  • Awards/Recognition
  • Templates & Downloads
  • Clients
  • Professional Services
  • Past Survey Results

Tactics Shaping Ransomware Mitigation in 2022

7/27/2022

0 Comments

 
Though businesses have become more confident in preventing ransomware attacks, confronting risk is an internal commitment.

The tenor for ransomware threats changed as attacks flipped from delivering ransomware through consumer-targeted spam to spreading across networks. The threat of extortion and data exfiltration has yet to wane. 

More than half of CISOs said they were hit by ransomware at least once in 2021, according to a Black Kite-sponsored survey of 250 CISOs. More than two-thirds expect at least one ransomware attack this year. 

Though business leaders are more confident employing tactics to prevent ransomware attacks, confronting risk requires an internal commitment starting from the C-suite down to interns. “Businesses must take acceptable and calculated risks each day — the same applies to cybersecurity,” said Theo Zafirakos, CISO of Terranova Security. 

As 2022 unfolds, here are three ransomware mitigation tactics to watch and employ: 

Train, train and train againWhether negligent or malicious, insider threats are a leading cause of security incidents. Leveraging human behavior is a favored tactic for threat actors, especially when they find loopholes in technological safeguards. 

Companies will continue to invest in their employees, working to evolve  their behaviors to become more cyber-aware.  

“To succeed, organizations must invest in processes and people,” said Zafirakos. Companies have put more resources toward training employees on ransomware awareness. This includes ensuring employees know how to report suspicious messages. 

Back to basicsDespite the growing sophistication of ransomware, security controls largely remain within security basics, no matter the tools a company adds. 

Up against more security measures, threat actors pivoted their tactics to turning off mitigation capabilities to deploy ransomware, said Jon Clay, vice president of threat intelligence at Trend Micro. 
 
This means the security basics have had some modifications. Companies are implementing multifactor authentication for administrative accounts and mission-critical business application accounts. Companies are revisiting patch management strategies so they’re based on risk, which takes into account “any vulnerabilities with public proof of concepts and any actively exploited vulnerabilities being patched at once,” Clay said. 

Vulnerabilities from ProxyLogon, ProxyShell and PrintNightmare drew ransomware actors last year, according to research from Tenable. Basic VPN vulnerabilities remained a top attack vector, with the potential to linger as forgotten flaws among other highly publicized vulnerabilities disclosed and exploited last year. 

Funds might be recoveredU.S. and international law enforcement pursued one of the most prolific ransomware gangs, REvil last year, and partially recovered funds paid by Colonial Pipeline. Law enforcement will likely become more intertwined in incident response for businesses this year. 

“In fact, this will be the theme for the rest of the decade,” said Zafirakos. And given the onslaught of high-profile attacks lately, ”the stigma of being victim to ransomware has reduced.” 

Industry wants to see more action taken against cybercriminals or nation-state threats, but “they fail in their general deterrence effect to the cybercriminal undergrounds from which they operate,” said Ed Cabrera, chief cybersecurity officer at Trend Micro and former CISO of the U.S. Secret Service. This is most obvious in the constant rebranding of threat groups.  

“This is not to say [law enforcement] operations are futile or not effective but rather incredibly effective in developing criminal threat intelligence across the broader criminal underground ecosystem,” he said. 

Companies are not federally required to report incidents, which leaves gaps in intelligence for law enforcement agencies. “The vast majority of incident reporting today happens due to legal and regulatory requirements rather than the idea that law enforcement can immediately assist in mitigation,” Cabrera said. 

Moving forward, industry wants more collaboration with regulatory agencies in developing realistic cybersecurity mandates. Government needs more insight into how regulations could impact businesses. 

For example, “requiring organizations to disclose an attack before they have a better understanding of the situation may put their networks at risk of other attackers targeting them,” said Clay. 

By: Samantha Ann Schwartz • Published Jan. 31, 2022

0 Comments



Leave a Reply.

    Author:

    Picture

    Brad Egeland


    Named the "#1 Provider of Project Management Content in the World," Brad Egeland has over 25 years of professional IT experience as a developer, manager, project manager, consultant and author.  He has written more than 8,000 expert online articles, eBooks, white papers and video articles for clients worldwide.  If you want Brad to write for your site, contact him. Want your content on this blog and promoted? Contact him. Looking for advice/menoring? Contact him.

    Picture
    Picture
    Picture
    Picture

    RSS Feed

    Archives

    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    December 2012
    November 2012
    October 2012
    September 2012
    August 2012
    July 2012
    June 2012
    May 2012
    April 2012
    March 2012
    February 2012
    January 2012
    December 2011
    November 2011
    October 2011
    September 2011
    August 2011
    July 2011
    June 2011
    May 2011
    March 2011
    January 2011
    December 2010
    November 2010
    October 2010
    September 2010
    August 2010
    June 2010
    May 2010
    April 2010
    March 2010
    November 2009

    RSS Feed

Powered by Create your own unique website with customizable templates.