Despite the challenges that 2020 has brought upon us, cybersecurity professionals have had an especially interesting year: from securing a sudden remote workforce to the rise of ransomware. We had strong indications that ransomware was going to be an important topic (see our predictions for 2020; the first was titled “Ransomware Slaves”). Unfortunately, time has proved us right.
Ransomware is keeping cybersecurity operators and strategists up at night, with many referring to “ransomware anxiety”. Ransomware is the kind of threat whose severity isn’t known until it is too late. And, with most security teams drowning in alerts, any alert that isn’t prioritized or actively countered can trigger a bad situation.
CISOs face a situation where they cannot say whether ransomware has already breached their network infrastructure. The fear doesn’t only stem from the possible breach, but also from uncertainty about their security infrastructure’s ability to detect if—or when—ransomware strikes. Ransomware is so successful because it is good at avoiding detection. Without the necessary tools and resources, finding ransomware before it is too late can be perceived as an impossible task.
It’s similar to a fear many of us experience as children: fear of the dark. The scary part is not just the dark itself, but the possibility of what might be in it. The darkness is just an absence of facts. Once we reveal the facts—with light—we find relief. When the light switch is turned on, there are two options. If there is a threat, you can take the necessary action. If there is no threat, the anxiety goes away.
2020’s unique challenges have done little to ease anyone’s anxiety. For CISOs, however, they bring additional worries. Businesses have suddenly moved their users away from the protections they were accustomed to. Now those users are accessing work resources from unsecured networks and locations. From the CISO’s perspective, any compromises on those users’ devices are sitting in darkness. In this way, Covid-19 only serves to heighten ransomware anxiety.
Anxiety also compounds the problem by causing crippling indecision. It triggers a biological fight-or-flight response. However, it is not possible to take decisive action when there isn’t a concrete threat to address. We are faced with the need to act, and the inability to take action. Consequently, the mind starts to cycle endlessly through worst-case scenarios.
Ransomware anxiety can and needs to be relieved. According to Gartner, 90% of all ransomware attacks are preventable. Here’s how CISOs can lower their anxiety levels:
- Know the real-time compromise level of your organization. The situation might be bad, but never as bad as not knowing what is happening.
- Have facts—and not opinions—at hand. One of a CISO’s chief responsibilities is being able to communicate clearly and effectively with their board.
- Measure the effectiveness of security investments. CISOs must invest resources wisely to reduce bad results and anxiety. This requires knowing which tools are working as expected and which tools are not delivering results.
We’d like to invite anyone who is experiencing undue stress in these unprecedented times to sign up for a Lumu Free account. It takes only a few minutes to set up and can start measuring your exposure to ransomware in no time. For more of our freely available articles and insights into the current ransomware crisis, feel free to visit our Ransomware Resource Center.