Is Ransomware Resilience Actually Possible?

Published by Axio

The ever-increasing onslaught of ransomware attacks has created an air of urgency to reinforce internal networks and make cybersecurity programs in the organization more resilient to this risk. Designing a system for sustaining overall operations even if parts of the system are compromised is vital. Implementing ransomware resilience requires a systemic approach. For example, companies should be analyzing a ransomware scenario proactively to identify and address interdependencies.

As a governmental response to the Colonial Pipeline attack, the White House has issued a new set of requirements for critical pipelines. These requirements include a cybersecurity contingency and recovery plan, as well as an architectural review of the cybersecurity design.

With the rising costs of ransomware attacks, as well as the unavoidable yet difficult decision of whether to pay a ransom, it's crucial that organizations act now to improve their cybersecurity posture. However, the question on many minds is whether ransomware resilience is truly possible for their unique needs.

A Resilience Lesson from Electric Utilities

A great example of an industry that has almost universally built ransomware resilience into key aspects of its operations is the electricity industry. Utilities have taken full advantage of recent improvements in technology through the use of smart meters, which allow them to check in real time what the load is and how much to bill customers. However, if they were completely dependent on these smart meters, it would leave them vulnerable to a cyber-attack.

On-Site Electricity Meters
Using manual meters, the electric sub-sector has developed redundancies against cyber attackers and can still go on-site to take measurements in the event of an attack.

As part of their ransomware resilience plans, they still have on-site meters that are completely segmented. If the system goes down, these meters are still operational and would be able to provide the necessary data. This is not a regression to more people and controls; it's just good business continuity.

The June 2nd White House Memo

The aforementioned set of requirements levied on critical pipelines was an important step towards the reduction of ransomware attacks. However, it was not the first action the White House has taken regarding this epidemic. On June 2nd, a memo was published urgently recommending implementation of ransomware protection. There has never been a call to action like this coming out of the White House before. The memo strongly urged organizations to view ransomware as a threat to their business operations, and boards to convene their teams to fully understand the risk at hand. The memo also came with a number of recommended best practices, which include:

  • Creating and testing offline backups
  • Updating and patching systems promptly
  • Testing incident response plans
  • Pen testing to check work
  • Segmenting networks

What Else Can I Do? 

Boards and executives may be in an awkward position of knowing they need to improve their internal defense but are unsure as to how to do it. Luckily for them, we here at Axio are heavily focused on enabling our customers to foresee issues and protect against them.
