Ransomware is an epidemic. It is expected to cost organizations more than $265 billion over the next decade, and it’s been the cause of more than half of cyber insurance claim losses in 2020.
While affecting all types of organizations, the impact of ransomware varies across industries. To better understand these variations, BitSight and ThirdPartyTrust analyzed hundreds of ransomware incidents over the last three years to identify common security performance gaps and challenges that lead to ransomware incidents, and how to prevent them.
The first of this series is our research report titled Ransomware In The Technology Sector, which is available for free download. It contains our key findings for the Technology industry, with the hope that this data is useful to your organization to avoid future ransomware incidents.
So how can security professionals in the Technology sector reduce the risk of becoming a ransomware victim? Which practices are effective in minimizing risk?
Based on our analysis, we find that certain security program practices may be critical to reduce the likelihood of experiencing a ransomware incident. We also identify which vulnerabilities are closely tied with ransomware campaigns.
The analysis includes:
- Likelihood of ransomware based on overall security performance
- How patching cadence impacts ransomware risk
- Specific vulnerabilities tied to ransomware risk
- Certificate and configuration management tied to ransomware risk
Ransomware: A Global Epidemic
2021 has been dominated by ransomware. Numerous high-profile incidents around the globe have shed light on the damaging impact that ransomware can have on organizations and global supply chains.
Large fuel supplier Colonial Pipeline was crippled by a ransomware attack, causing a system wide shutdown affecting nearly the entire U.S. east coast fuel supply for several days. Weeks later, an attack targeting a meat processing plant disrupted food supply. In Europe, a double whammy hit the Irish health system when the Health Service Executive, Ireland’s health care operator, and its Department of Health suffered a ransomware attack forcing a shutdown within the IT infrastructure. Incidents continue to hit the news at an alarming rate.
Why is ransomware growing so rapidly? Are ransomware incidents actually increasing, or are they just becoming more public? What industries are more affected? The research contains a number of critical performance indicators that can help security professionals in the Technology sector reduce the risk of becoming a ransomware victim.
How To Stay Ahead of Ransomware
Cybersecurity is not a one-and-done effort, but a day-to-day risk management. Cyber hygiene best practices also need to extend to your vendors, partners, suppliers, and any third-party member of your network.
Cybercriminals are often able to find and attack the least secure business in the supply chain and use that foothold to gradually compromise their partners. Having tools that provide deep insight into the risks and security performance of every member of your supply chain is critical.
ThirdPartyTrust can help by providing a one pane of glass risk dashboard, with end-to-end vendor risk assessment automation for making informed decisions about vendors, and continuously monitoring their security posture.
Let us show you how ThirdPartyTrust can help you control ransomware and other risks across your third party supply chain. Talk to an expert today.
The Impact of Ransomware in the Technology Sector
Our research report contains key findings for the Technology industry, so that your organization can avoid future ransomware incidents.
You will learn: which vulnerabilities are closely tied with ransomware campaigns, how to prevent them, and how can Technology professionals like you stay ahead.
