If ransomware does strike, experts say your organization had better have a plan in place to manage the crisis.
“A ransomware attack forces organizations to make some very tough decisions,” says Jim Meehan, Senior Investigations Manager in Verizon’s cybersecurity practice. Meehan, a former member of the U.S. Secret Service who fought crime and cybercrimes for more than two decades, explains: “Should we pay? How much is too much? Who approves the payment, and where do we get the money from? And what if the hacker takes the payment but leaks our data anyway? You have to have a specific ransomware contingency plan and policy in place, well before such an attack, because you don’t want to be making those decisions in real time. The longer an incident goes on, the more damage it will do to the company.”
Meehan advises business leaders and security teams to collaborate regularly to ensure their ransomware response plans are up to date. Third-party security assessments and regular testing can also help measure company readiness.
The 2021 DBIR expects the ransomware trend of both taking data hostage and stealing it to remain popular among attackers. “We are not sure if this breach double-dipping is permitted in the Threat Actor Code of Conduct,” the report reads, “but there has been no evidence that they have one anyway.”