Enterprises across the board underestimate how vulnerable they are, but this year they cannot afford to make that mistake.
When businesses do not believe they are a target, they do not feel the need to put systems and processes in place to ensure they can survive an attack. And the worst time to start thinking about it is when the company is in a state of emergency.
So says Sash Sunkara, co-founder and CEO of RackWare, a hybrid cloud platform provider, sharing her top most concerning ransomware threats for 2019.
"Ransomware is still a concern for good reason," she says. "We've really only seen the first wave of these attacks. Enterprises have put processes in place to protect themselves in the wake of that initial wave, but we've yet to see the worst of what these attacks can do.
"Threat actors will only become more aggressive and we'll see a greater need for enterprises to explore more sophisticated solutions. They'll need a comprehensive option rather than a temporary fix if they plan to survive the never-ending threat cycle ahead of us."
Securing the cloud
In general, clouds are as secure, if not more secure, than most data centres, notes Todd Matters, co-founder and chief architect of RackWare. "However, they have the same vulnerabilities that data centres do. As ransomware threats become more sophisticated, cloud providers will need to continue introducing protective measures that won't leave clouds susceptible."
According to Sunkara, it's also important to remember that when migrating workloads to the cloud, the duty of managing a physical data centre, boxes or a network goes away.
"But, managing your applications, monitoring performance and maintaining a level of security is a shared responsibility between the cloud provider and enterprise IT. Cloud providers supply infrastructure, but it'll be up to enterprise IT groups to make sure they have higher levels of security in the year ahead.
"If you don't have the right protections in place for your business, it'll only hurt you. A service provider could walk away at any time."
Stealthier tactics
Matters says his organisation has worked with plenty of IT teams who thought that if they were hit with ransomware, they would become aware of it immediately. Unfortunately, businesses that still share this belief will likely experience data compromises in 2019. The truth is that most attackers are more cunning than they are given credit for, so intrusion detection and protection solutions are a must-have.
"Hackers will infect an enterprise and let it go on for weeks or months before they make it known and, by then, it's far too late."
You need to know what you'll do when everyone's looking at you and you're losing money by the hour.
Sash Sunkara, co-founder and CEO of RackWare,
Although enterprises are beginning to implement safeguards, these are not effective if the alerts are unreliable, adds Sunkara.
"If threat detection solutions regularly flag every small thing, IT teams will eventually stop paying attention, putting them and the data they're protecting at greater risk. Organisations will want to make sure they have a smart system that flags when something is really wrong versus sending out a high volume of false alarms."
Testing, monitoring, segmentation
According to Sunkara, enterprises that have protection or disaster recovery plans in place could still fall victim to a ransomware attack if they do not routinely test or validate for their environment.
"If you don't test it out, you might as well not have a solution at all. You need to know what you'll do when everyone's looking at you and you're losing money by the hour. You need to proactively determine what you'll do in all scenarios so that you're not scrambling when an attack brings your business to a halt."
In addition, she says a good monitoring system is crucial, but enterprise cloud setups will need proper segmentation if they hope to survive an attack. "Businesses will need to ensure an infection won't impact their entire cloud environment in the event of a breach."
The good news, says Matters, is that even if enterprises do not have the right detection or backup measures in place, they are not necessarily doomed. "Mastering the basics is a good starting point. That includes investing in intrusion detection and protection."
Share