If this question is keeping you up at night, you are certainly not alone. The threat is tangibly real and immediate, with ransomware damages projected to top $20 billion by the end of the year (Cybersecurity Ventures, 2021) and the average cost to recover from a ransomware attack estimated at $1.85 million (Varonis 2021). The stakes have reached a critical point and no organization, no matter how big or small, can hope to escape unscathed without addressing the threat head-on.
“Check Your Security Team’s Work: Use a 3rd party pen tester to test the security of your systems and your ability to defend against a sophisticated attack.” The recommendation put out by the Deputy National Security Advisor in June 2021 (source) is not new, yet it is often grossly underestimated. In the face of increasing ransomware threats, organizations rush to add more security tools in a never-ending chase after the newest bells and whistles in prevention and detection. As a result, they tend to neglect the basics: validating the effectiveness of their existing security solutions.
Validating endpoint protection and the successful implementation of other prevention and detection solutions is not simply a matter of reviewing configurations, adhering to best-practices, and placing your trust in higher forces. There is no telling where the soft spots lie hidden unless you actively and aggressively seek them out. You need to know what you don’t know and stop accepting the weakest link.
A new methodology is in order. To validate your ability to defend against the latest ransomware attacks you must take up testing and emulation. Running continuous and automated testing of attack scenarios that are as close to the real attack vectors as possible is how you can validate your overall ability to detect and prevent those attacks before the adversary has their turn. Challenging your entire security stack is how you can ensure your EDR, NDR, SIEM, SOAR, DLP, WAF, FW and any other security services are effective and properly configured. It goes without saying that this testing must proceed in a safe and controlled manner, without impeding business continuity and without interrupting operations.
Without validation, security spending can seem like a bottomless pit, always on the verge of spiraling out of control with diminishing returns. The result? After all that spending and scaling effort, you are back to square one, still wondering “Am I ransomware ready?”. Gaining confidence in your cyber resilience – if this is what you are after – means it’s time to start emulating real-world ransomware attacks in your organizational network and validating your security controls.
The evidence is clear: prevention & detection alone can only go so far. It’s time to shift the focus from building higher walls to blocking attackers at every turn, once they find their way inside. You wouldn’t go on stage without a grand rehearsal. You wouldn’t trust your fire code without a fire drill. Becoming ransomware ready is no different. Trust your security controls when you see them in action.
Interested to learn more about how to become ransomware ready? Start a free ransomware readiness assessment to learn more about RansomwareReady™, a Pentera ransomware emulation self-service platform to support IT professionals on their quest to achieve Automated Security Validation.
The Greatest Hits of 2020
The Greatest Hits of 2020 Who doesn’t love some good old nostalgia? Ok, it’s true, many of us are glad to see the back of 2020. But as we start 2021 strong, let’s take a moment to remember some of the community’s favorite content, including our top-read blog, our most-watched webinar, and a chance to...
A Big Step Toward Making a Vision Come True
In the world of startup innovation, funding is the jet fuel that thrusts founders and entrepreneurs to move forward and fulfill their dreams, as bold and ambitious as they may be. The saying “an army marches on its stomach” may be lent to “a startup marches on its funding”. Our end in mind when raising...
CEO Thoughts Post Round A – There’s No Stopping Us Now!
Almost two years have passed since I began my role as Pcysys CEO, joining Arik Liberzon, our Co-founder & CTO and Arik Faingold our Co-founder and Chairman, on this great mission to revolutionize Cyber Risk Validation, together with industry veteran Ran Tamir, our VP of Product, and Aviv Cohen, our visionary CMO. Being an enterprise...