With the average cost of a data breach now at $4.2 million, growing cyber threats such as ransomware and the shift to a hybrid workforce have organizations around the world looking to mitigate risk at every layer of the organization.
Protecting your organization is like balancing an equation: people + skills + technology = security. Where many security strategies fall short is in having an unbalanced equation.
Ransomware is a good use case for thinking about how to balance this equation. On the technology side, leaders and technical teams can take steps such as maintaining (and regularly testing) backups, reviewing which network ports and services are exposed, and implementing an intrusion detection system.
However, we have seen first-hand that even the most advanced cybersecurity technology is ineffective without a trained technical team and cyber-aware employees. This lopsided equation has led to record ransomware payouts in the past year.
To balance this equation and minimize the impact of ransomware, organizations must make strategic investments in all three. Here, we will examine the opportunities to invest in the people and skills that are part of this equation, look at what is most commonly lacking in many organizations, and provide some tips to remedy it.
Executive Level Cyber Training
In a recent Deloitte survey, more than 60 percent of executives reported being concerned about ransomware. However, only 33.3 percent said their organizations have simulated ransomware attacks to prepare for an incident.
Often it is not until the organization is hit by ransomware that the executive team realizes it was never educated in prevention and remediation. Security and risk leaders must now educate executives on these threats and the demands they create, implement proactive ransomware prevention and protection strategies, and verify through simulation exercises that administrative policies and procedures are in place.
For senior leaders, there should be specific education that focuses on cyber threats from their perspective and on the attacks that target them directly, such as whaling (phishing aimed specifically at executives). This makes it easier to discuss the issue and the need for top-down ransomware awareness and education. For this reason, personalized security awareness training aimed at the executive level is effective and worth the extra effort.
Cyber training for employees
Most ransomware infections start when an employee clicks a malicious link or downloads a malicious file, granting attackers an initial foothold in the organization's environment. This puts the attacker's target squarely on the end user, which is why ongoing security awareness training remains one of the most effective tools to combat ransomware.
Training should cover not only what ransomware is and what it does, but also how hackers can infect systems with ransomware:
- With phishing emails, where attackers impersonate trusted brands to manipulate employees into revealing confidential information or accessing a malicious link or attachment.
- Through malicious websites and file downloads.
- Or even with seemingly benign removable media like USB drives.
Helping employees understand how to prevent this type of cyber incident, and how the same skills keep their families cyber-safe at home, makes your training relevant and memorable.
IT and security team training
IT and security teams have a significant impact on how an organization survives a ransomware attack. Investing in the skills of your IT and security team ensures your organization is prepared to defend itself against the growing threat of ransomware.
These teams must be trained to respond appropriately when there is an attack, across the whole lifecycle from prevention and detection to response and forensic investigation. There should be hands-on training that prepares technical teams for the details and real-life decisions involved in recovering successfully from an attack.
A best practice is structured, scheduled simulation to validate readiness and drive continuous improvement. Fortunately, most of the information needed to do this is available free as open-source material or as training from a trusted vendor.
Balancing the cybersecurity equation
As leaders seek to mitigate ransomware risk, investing in all three aspects of the cybersecurity equation is critical. Even with advanced technology, there must be well-trained employees to defend your data at all levels of the organization. By breaking down investments into layers of people and cybersecurity skills, organizations and employees can better understand how to counter cyber threats.
Keatron Evans, CISSP, CEH, CSSP, LTP, is Principal Security Investigator, Instructor and Author, Information Security Institute. He is a cyber security and workforce development expert with more than 17 years of experience in penetration testing, incident response, and information security management for federal agencies and Fortune 500 organizations. He is a principal security researcher at the Infosec Institute, where he empowers the human side of cybersecurity with the knowledge and skills to counter cybercrime. Keatron is an established researcher, instructor, and speaker, as well as the lead author of the best-selling book, Chained Exploits: Advanced Hacking Attacks from Start to Finish. He regularly speaks at industry events such as Black Hat, OWASP, ISACA, and RSA, and serves as a cybersecurity subject matter expert for major media outlets such as CNN, Fox News, Information Security Magazine, and more.