The White House is urging private companies operating within the U.S. to better protect themselves from ransomware attacks. While this is an important proclamation, it has come to light that many businesses do not know where to begin in fortifying their cybersecurity.
In recent weeks, major cyberattacks have crippled the meat packing business JBS and Colonial Pipeline. These cases, grabbing recent headlines, show how event major corporations can be brought to a standstill by a directed attack.
Such events are also costly. Joseph Blount, CEO of Colonial Pipeline Co., told The Wall Street Journal that he ended up authorizing a ransom payment of $4.4 million to the hackers behind the cyberattack.
According to new analysis from Ric Longenecker, CISO at Open Systems, there is much work to be done within the corporate world.
Longenecker tells Digital Journal: “We continue to see a rise of ransomware attacks demanding millions of dollars in ransom payments in order to keep essential infrastructure intact.”
The ebb and flow of corporate life results in, says Longenecker: Many businesses are continually challenged to properly assess their infrastructures, overlooking a myriad of vulnerabilities.”
He adds that “while the White House might be getting involved in this week’s ransomware attack at JBS , we won’t see this type of response for many businesses. Most traditional in-house security programs simply aren’t able to effectively address today’s risks”
This situation needs to change, says Longenecker: “It is critical for companies to turn to solutions like managed detection and response (MDR), for example. MDR combines operational experience and human expertise, advanced threat detection, and AI-driven technology capabilities to enable teams to react earlier in protecting the business.”
Without sufficient security for every hardware component and its supply chain, the hardware itself cannot be trusted.
Looping back to his day-to-day role, Longenecker concludes: “Our continual advice to our customers is – find a partner, work now to prevent security breaches before they make an impact, and establish a strong recovery plan.”