5 Actions That Will Immediately & Greatly Improve Ransomware Resiliency
EXPECT THE UNEXPECTED
93% of companies without Disaster Recovery who suffer a major data disaster are out of business within one year.
2 out of 3 midsize businesses suffered a Ransomware attack in the past 18 months.
The average downtime for businesses as a result of a ransomware attack was 20 days in Q4 2021.
96% of companies with a trusted backup and disaster recovery plan were able to survive ransomware attacks.
Even after paying, only around 8% of victims recover all data. The average ransomware victim loses around 35% of their data.
More than 50% of companies experienced a downtime event in the past five years that was longer than a full workday.
An hour of downtime costs $6,797 for a small company, $62,875 for a medium company, and $594,777 for a large enterprise.
82% of breaches are caused by attack vectors that involve human errors such as social engineering attacks, phishing, and misuse.
Services & Solution Areas
Foundational Resilience Elements
Establishes the foundation for resilience within the organization
Core Resilience Programs
Secondary Resilience Programs
Pathway to a Resilient Ransomware Program
Implements the required elements to develop a resilient ransomware program
Building Blocks of Resilience in Ransomware – Overview
In order to build and maintain a Resilient Ransomware Program, it is critical to take the below into consideration.
Standards such as ISO 22301, NIST CSF, and FFIEC help to guide the organization’s resilience strategies and efforts. Utilizing these standards will also fast track ransomware and resilience initiatives.
Choosing the standard that is right for you will depend on many factors such as your organization’s size, industry, and risk tolerance.
Although these standards cover various resilience and recovery elements, following their requirements and guidance will help build a foundation for your ransomware program.
Responding and recovering is a core element for resilience. Core response programs enable a resilient and comprehensive ransomware recovery.
Outline a program strategy with Executive Leadership to determine a right-sized approach
Focus on the Foundational Resilience Elements before developing core/secondary resilience programs
Programs should work in cohesion to guide response and recovery efforts
Once a Standard has been chosen, the organization should begin to align ransomware and resilience capabilities to the standard. Evaluating your program against standards helps align priorities and determine gaps.
A program evaluation should determine current resilience capabilities, identify gaps, and outline recommendations
Perform both Passive (e.g., Assessments, Current State Reviews, etc.) and Active (e.g., Live Failover Tests, Tabletop Exercises, Plan Walkthroughs, etc.) program evaluations
Continuous improvement is an ongoing process that needs to be incorporated within a resilient ransomware program. This area includes testing, training, live tests/exercises, lessons learned, and Tabletop Exercises (TTX).
A goal of program owners should be to develop a predictable and reliable program
Activities should include testing, exercises, lessons learned, and training
Continuously identify improvement opportunities and prioritize initiatives based on risk tolerance and strategy
Key Considerations of a Resilient Ransomware Program
The elements outlined to the right represent areas that most organizations overlook when developing ransomware programs. The inclusion of these elements helps embed resilience within the program.
Ensure Executive Sponsors support the program, budget, and continuous improvement process
Pathway to Ransomware Resilience & How We Can Help
Resilience Current State Review
Capability Maturity Assessment
Testing & Tabletop Exercise Facilitation
Continuity Risk Assessment
Technology Capability Assessment
Function Level Resilience Maturity Assessment
Business Impact Analysis (BIA)
Business Impact Analysis Facilitation
Process/Technology Prioritization & Reporting
Technology Gap Assessment
High Availability & Backup Replication
Disaster Recovery Plan & Playbook Development
Backup & Disaster Recovery Testing
Business Continuity Plan (BCP) Development
Function Specific Recovery Plans
Plan Walkthrough/Scenario Specific Exercises
Cyber Incident Response Plan (IRP) Development
Ransomware Playbook Development
Ransomware Tabletop Exercise Facilitation
Steps for Testing a Resilient Ransomware Program
Discovery & Preparation
Propose Exercise Objectives
Define Planning Cadence
Facilitate discovery interviews
Review potential scenarios
Clarify Support & Planning Requirements
Objective Success Criteria
Facilitation Questions
Outline High Level Scenario
Finalize Logistics & Telecomm Checks
Conduct Exercise
Achieve Objectives
Assess participants’ ability to meet success criteria
Wrap-up & Debrief
Assess capabilities
Compile Assessments
Review Observations
Validate Action Items for After-Action Review
Capture Exercise Overview
Compile Observations
Provide recommendations
Disseminate Report