We are at a critical juncture. It’s not just that there are more ransomware attacks – many more than appear in the media. Driven by huge financial incentives, the nature of these attacks has evolved to become much more sophisticated, with the potential to steal sensitive data and cripple systems and reputations.
While crisis fatigue pervades, this is not a time to let down our guard. The cyber threat posed by ransomware can be as significant as the COVID-19 pandemic in its capacity to close down core functions across Government and business.
The number of executives who say they plan to put cybersecurity at the heart of every business decision doubled this year. Yet there’s more work to be done.
Too often ransomware and related cyber threats are viewed only as a technology challenge - and therefore something to be solved through technical fixes. IT plays a critical role, both in terms of identifying system vulnerabilities and securing them. But focusing on technology alone will not deliver robust resilience, including the ability to react rapidly if the worst happens.
Readiness and recovery plans must take account of technical, operational, legal, regulatory, insurance, reputational, and revenue implications.
PwC’s approach to improving ransomware readiness is the result of the on-the-ground experience of our internationally recognised cybersecurity specialists. We’ve led major organisations, in Australia and worldwide, through serious ransomware attacks and back to safety.
But to protect trust, and your business, you must first be resilient. The Ransomware Readiness Assessment, created here in Australia by our Cybersecurity and Digital Trust team, results in practical recommendations and actions to remediate technical weaknesses and reduce vulnerability to ransomware across the value chain of process, people, operations, suppliers and technology.
Our Ransomware Readiness Assessment has been built through deep technical and industry expertise including threat insights and in-depth analysis from our Threat Intelligence team, which monitors threat actors worldwide in real time. The whole-of-business lens ensures critical information is presented in a way that can be understood and applied from the boardroom to the IT team.
Ransomware Readiness is about checking your organisation’s ability to:
Defend against ransomware actor techniques: Have you strengthened the systems in your network that are likely to be targeted? Have you made it harder for ransomware to spread? Are you regularly checking for vulnerabilities as your business and ransomware techniques change?
Detect ransomware threats: Are you capturing the right information? Can you detect activity generated in your system by a ransomware threat actor? Are you acting on alerts?
Respond if the worst occurs: How prepared are you to respond if a ransomware attack cripples your system? Are you across the legal and regulatory responsibilities you would have to meet? Are you aware of what needs to be done in order to meet insurance obligations?
Recover rapidly: Do you know where your assets are? Do you know what data is held on your systems? Can you restore them quickly?
Andrew Gordon
Partner, Cybersecurity & Digital Trust, PwC Australia
Tel: +61 402 892 184