Bryan Mills (Liam Neeson) is the powerful main character in the Taken movie franchise. A former Green Beret and CIA operative, Mills uses his unique blend of expertise and military tactics to find his kidnapped daughter. One particular line of dialog characterizes his mission: “What I do have are a very particular set of skills, skills I have acquired over a very long career. Skills that make me a nightmare for people like you.”
This could just as easily apply to people in the tech industry who are in charge of protecting their company’s IT in the face of rising ransomware attacks. They are responsible for keeping their data and information safe and out of the hands of kidnappers. And in the current cyber-threatened environment, every company needs a Bryan Mills. Like Bryan, their mission is straightforward: Plan, Prevent, Respond.
But that’s easier said than done. Today’s technology leaders – in fact, business leaders at all levels – are dealing with a rapidly growing threat of ransomware, and the costs and recovery time are rising daily. Not only are there visible costs of an attack – criminal investigations, breach notifications, regulatory compliance and penalties, legal fees, post-breach protection, PR nightmares – but there are invisible costs, ranging from mounting insurance rates to loss of contract revenue to customer loss.
THE MOMENTUM BUILDS
As the rate of security events gathers speed, with one prominent business after another experiencing highly damaging security breaches, most organizations are aware of their potential security gaps. But clearly identifying where to begin in filling those gaps can be overwhelming, as a rapidly evolving technology landscape creates more complexity than ever before.
Couple that with the fact that businesses are struggling to find skilled incident responders, and the problem becomes even more complicated. Organizations report that it’s a challenge to hire and retain experienced security personnel who understand the new technologies they wish to implement in order to elevate their cyber defenses. Estimates of the global shortfall in skilled security personnel vary, but ISC2 recently estimated that the number of unfilled security practitioner positions is as high as four million. According to research by the 451 Group, 78% of organizations face a skills and expertise gap in security.
On the other hand, scurrying to invest in a slew of point products to solve particular pain points will only lead to further issues. As many security practitioners will attest, they often find themselves grappling with too many tools that are often not integrated, preventing them from having visibility over their security posture.
HOW TO RESPOND
According to Forrester Research, spending on cybersecurity services outpaced all other investments for the first time in 2018. Today, Forrester estimates that four times more budget is being directed to cybersecurity services than anything else.
Fortunately, the advent of managed detection and response services, or MDR, has been a game changer. MDR offers a way to cost-effectively reduce the likelihood of successful attacks and minimize the impact should the worst happen.
One of the best responses to cyberthreats, MDR provides peace of mind from threats by combining 24/7 Software-as-a-Service (SaaS) security with visibility and detection coverage wherever a company’s systems reside.
MDR delivers intrusion detection of malware and malicious activity in your network, and then supports a rapid incident response to eliminate those threats with concise remediation actions. With the concise remediation actions and option to contain threats, customers can enable their incident response teams to move quickly to eradicate the threat. It often combines a technology solution with outsourced security consultants to expand your technologies and team.
DON’T GO IT ALONE
Companies already working with a partner for backup and resilience are one step ahead in protecting their businesses. By working with their vendor to make sure they have the proper safeguards in place to prevent ransomware attacks, enterprises can decrease their chances of falling victim. This includes keeping backups current and separate, segmenting their network, patching and hardening systems, educating employees on ways to spot suspicious emails, and securing tools to detect known breaches.
An organization can accelerate the incident response phase of detection and remediation by using a log management and analysis environment. This is a critical step, because the more recent and accurate the entry of when an intruder or suspicious behavior began to appear, the more likely they can identify when a malware attack started. These details can provide insight into when their backups were ‘clean,’ and that information can be used to restore their business back to normal state.
Taking this a step further, vendors who wrap MDR tools such as Alert Logic around their clients’ IT DR plans will add further protection. As the industry’s first MDR provider with more than 4,000 customers worldwide, Alert Logic’s proprietary platform analyzes network traffic and more than 140 billion log messages each day, providing coverage across a massive attack surface. This is important, because even if you have protections in place to protect your data from hackers, nothing is foolproof. You still need a plan for recovering your data in the event it becomes compromised. A traditional DR plan isn’t enough.
TAP INTO THE EXPERTS
When looking for an experienced Managed Security Services Provider to help you protect your IT systems and data, look to someone like Sungard Availability Services (Sungard AS), who develops comprehensive security and data protection solutions by partnering with leading data protection and security technology partners. We know a thing or two about securing your environment, having protected thousands of organizations worldwide by providing the right solutions for physical, hybrid and cloud platforms in order to secure them with a holistic strategy. Further, we can protect the most critical and vital IT systems and data from both technological risks, like the rapid rise in cyber and ransomware attacks, to the ever-present threat from extreme weather and natural disasters.
2020 was a tremendous year for ransomware attacks and 2021 is close on its heels. The Colonial Pipeline attack, JBS Meat Processing attack and other outages at Fastly, Akamai and Kaseya prove why it’s more important than ever to have a data recovery program in place. Couple this with the rise in extreme weather conditions as the planet continues to warm up, and it has never been so apparent that businesses need to find the right solutions that leverage best practices and partners.
As we prepare for Cybersecurity Awareness Month, now is the perfect time to find a partner with the particular set of skills you need to help you be resilient. Besides, no one wants to get Taken when the economy rebounds and businesses return to normal.