Ransomware attacks, in which hackers take an organization’s data hostage in exchange for money, have spiraled during the COVID-19 pandemic, costing affected businesses an average of $4.24 million USD, according to a recent IBM report. In May, U.S. President Joe Biden signed an executive order that paves the way for enhanced cyber security. However, industries still face a major shortage of the cyber security professionals needed to make this happen.
“Approximately one in three cyber security roles in the public sector are still unfilled,” Dan Schiappa, chief product officer at cybersecurity firm Sophos, told CNBC. “That’s about 33,000 jobs and with a CISA [Cybersecurity and Infrastructure Security Agency] vetting process that can take up to a year for new hires, there’s no time to waste.”
Many organizations try to solve the issue by hiring more tech professionals. However, due to a cyber security talent gap among tech workers, finding the right experts is often difficult. According to Simone Petrella, co-founder and CEO of CyberVista, a cybersecurity workforce development company, organizations should focus on training the employees they already have rather than making new hires.
“Someone in a general IT role already understands networks, they know how to do privileged access, so you can train them in security technical skills,” Petrella told CNBC.
Training employees, however, is only part of the solution. Organizations that want to fend off ransomware threats also need to develop effective protocols for reducing and responding to attacks.
New Guidance on Preventing Ransomware Attacks
In August, the Cybersecurity and Infrastructure Security Agency released a fact sheet with recommendations for organizations on how to prevent and respond to ransomware attacks.
Titled “Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches,” the fact sheet includes the following guidelines:
- Maintain offline, encrypted data backups and test them regularly. This matters because many ransomware variants locate and erase or encrypt any backups they can reach.
- Establish a cyber incident response plan. Such a plan should include guidance on how to respond to and communicate about ransomware attacks; a resiliency plan covering what to do if you lose control of or access to critical operations; and an appropriate communications plan.
- Reduce internet-facing vulnerabilities and misconfigurations by employing best practices for remote desktop services; conducting regular vulnerability scanning, especially of internet-facing devices; updating software regularly; ensuring that devices are configured properly with security features enabled; disabling or blocking inbound and outbound Server Message Block (SMB) traffic; and removing or disabling outdated versions of SMB.
- Reduce the chances of employees falling victim to email phishing scams. You can do this by implementing strong spam filters and having employees undergo cybersecurity user awareness training on how to identify and report phishing attempts and other suspicious activity.
- Practice effective cyber hygiene. This includes keeping antivirus and anti-malware software and signatures up to date; implementing application allowlisting; limiting user and privileged accounts with account use policies, user account control, and privileged account management; implementing multi-factor authentication for all services where possible; and employing cybersecurity best practices from CISA’s Cyber Essentials and the CISA-MS-ISAC Joint Ransomware Guide.
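The SMB item above is the most concrete of these recommendations, and it is one that a Windows administrator can check and enforce with a short script. The following PowerShell is an added example written for this article; it is not part of the CISA fact sheet or any CISA tooling. It assumes a Windows 10 / Windows Server 2016 or later host with the built-in SmbShare, DISM and NetSecurity modules, and an elevated session. The first function reports the host's SMB exposure (whether SMBv1 is enabled, whether signing is required, and which enabled firewall rules allow inbound TCP 445); the second disables SMBv1, requires signing, and optionally adds an explicit inbound block on port 445.

```powershell
# Added example for this article (not CISA's code). Assumes Windows 10 / Server 2016+
# with the SmbShare, DISM and NetSecurity modules, run from an elevated PowerShell session.

function Get-SmbExposureReport {
    [CmdletBinding()]
    param()

    $server      = Get-SmbServerConfiguration
    $smb1Feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue

    # Enabled inbound allow rules on TCP 445 expose the SMB service to whatever
    # network profile they apply to; these are what an auditor wants to see listed.
    $inboundAllow = @(
        Get-NetFirewallPortFilter -Protocol TCP |
            Where-Object { $_.LocalPort -contains '445' } |
            Get-NetFirewallRule |
            Where-Object {
                $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' -and $_.Enabled -eq 'True'
            } |
            Select-Object -ExpandProperty DisplayName
    )

    [PSCustomObject]@{
        Smb1Enabled          = $server.EnableSMB1Protocol
        Smb1FeatureState     = if ($smb1Feature) { $smb1Feature.State } else { 'NotPresent' }
        SigningRequired      = $server.RequireSecuritySignature
        InboundSmbAllowRules = $inboundAllow
    }
}

function Set-SmbHardening {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Only pass this on hosts that must not serve SMB at all (e.g. workstations);
        # file servers and domain controllers legitimately need inbound 445.
        [switch]$BlockInbound445
    )

    if ($PSCmdlet.ShouldProcess('SMB server configuration', 'Disable SMBv1 and require signing')) {
        # Turn SMBv1 off at the protocol level and remove the legacy feature binary.
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -RequireSecuritySignature $true -Force
        Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart | Out-Null
    }

    if ($BlockInbound445 -and $PSCmdlet.ShouldProcess('Windows Firewall', 'Block inbound TCP 445')) {
        # Block rules take precedence over allow rules, so this closes the port even if
        # an earlier allow rule for File and Printer Sharing remains enabled.
        New-NetFirewallRule -DisplayName 'Block inbound SMB (TCP 445)' `
            -Direction Inbound -Protocol TCP -LocalPort 445 -Action Block -Profile Any | Out-Null
    }
}

# Audit first, preview the change with -WhatIf, then apply.
Get-SmbExposureReport | Format-List
Set-SmbHardening -BlockInbound445 -WhatIf
# Set-SmbHardening -BlockInbound445
```

Because `Set-SmbHardening` supports `-WhatIf`, the script can be rolled out in two passes: run the report and the preview across a fleet to see what would change, then apply for real once any hosts that legitimately serve SMB have been excluded from the `-BlockInbound445` switch. Disabling the SMBv1 feature takes effect after a reboot, which the `-NoRestart` flag leaves to the operator's maintenance window.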
The fact sheet provides additional guidance on how to safeguard sensitive and personal information and how to respond to data breaches caused by ransomware attacks. The full document is available from CISA (see the reference at the end of this article).
Ransomware attacks are likely to get worse, especially as the pandemic continues to push organizations to digitize. Organizations that offer cyber security training to their employees and follow appropriate guidance, however, can mitigate the impact of these attacks.
Simulated Real-World Cyber Security Attacks
IEEE has partnered with ISACA to provide the cloud-based Cybersecurity Nexus (CSX) Training Platform to organizations. This unique training platform offers 24/7 access to over 100 hours of training, the CSX Cybersecurity Practitioner (CSX-P) certification, and the Cybersecurity Nexus (CSX) Skills Assessment Tool, including:
- instructional courses and hands-on labs in a sandboxed environment that safely replicates the real cyber-threatened world practitioners work in every day, enabling your team to build, practice and test technical skill sets for any level of experience, beginner to advanced
- enterprise dashboard to review team training performance with real-time progress tracking
- 300+ CPE skills-based credit hours that can be applied to the CSX-P and other certifications
Contact an IEEE Account Executive to get access for your organization.
Caminiti, Susan. (25 August 2021). What cybersecurity leaders say they need from the federal government. CNBC.
Cybersecurity and Infrastructure Security Agency. (August 2021). Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches. CISA.gov.