Head of Enterprise & Solution Architecture, 1,001 - 5,000 employees
I read a very interesting article about the two key enablers of ransom attacks. One is cyber insurance, and the other is cryptocurrency. Criminals are targeting companies with cyber insurance, because insurance companies incentivize them to pay the ransom since it's cheaper than having to rebuild the company from the ground up. Cryptocurrency is also an enabler, because it makes it much easier to pay the ransom.Director of IT in Software, 201 - 500 employees
Key enablers in my opinion are the companies that are paying for the ransom… well their insurance actually… governments that allow ransom to be paid (It should be illegal to pay for a ransom) and turning this to be a business model where you have ransomware as a service and nowadays the ransomware teams have a support line to help companies decrypt after the ransom has been paidContent you might like
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.Yes55%
No31%
Unsure13%
501 PARTICIPANTS
Patch management: to reduce attack surface and avoid system misconfigurations39%
Malware and ransomware prevention: to protect endpoints from social engineering attacks58%
Malware and fileless malware detection and response: to protect against malicious software49%
Threat Hunting: to detect unknown threats that are acting or dormant in your environment and have bypassed the security controls33%
Not planning to change endpoint security strategy10%
184 PARTICIPANTS
ISSO and Director of the IRU in Healthcare and Biotech, 10,001+ employees
I would definitely suggest this based of how you categorize your types of data/systems and information being stored in certain parts of your data center. I think it’s really dependent on the size of your organization and ...read more
And a couple things that these security leaders quoted really surprised me; for example, they seemed satisfied if you could stop 85% of the attacks. I thought to myself that 85% doesn't sound like a very high bar to me, but their point was that you can't practically expect to stop more. The focus has to be on trying to identify that they're in your environment before they've had time to do all their mining for data and identities, and set their bombs off.
Of course you want to stop the 85%—the low hanging fruit—but it was more about having visibility into what's going on in your environment. Have security settings been changed on servers? Consider the kinds of things that attackers use to make the environment easier for them to work through. It was an interesting concept: your approach needs to be to disrupt their business.