This month, several Shared Assessments Industry Strategy and Working Groups came together in a cross vertical meeting, Ransomware: It Takes An Organization, to address ransomware threats.
Sophisticated ransomware attacks are being used with adjusted methods to strike supply chains and managed service providers (MSPs) – such as SolarWinds and Kaseya – thereby inflicting harm on the service provider’s network of clients. This increase in attack surface and change in attack tactics has increased an organization’s likelihood of experiencing a cyberattack via a vendor. Ransomware is a significant third party and supply chain risk.
At the same time, the shift to remote work during the pandemic has brought an increase in the frequency and sophistication of ransomware attacks, as all organizations and vendors moved global processes into virtual environments, thereby widening their attack surface.
Shared Assessments set out to bring together leaders in third party risk to share best practices, top concerns, and key takeaways in fighting ransomware. Our 100+ participants first met in a large virtual group setting to review a “Ransomware Tabletop Exercise” presented by a Shared Assessments member from a global industrial manufacturing company, which laid out the key questions and answers an incident response team needs to ask and have answered by their CEO and Executive Team. Then, we broke off into three subgroups to concentrate thought leadership in Crisis Management / Incident Playbooks, Cyber Risks and Resilience Risks.
Conclusion
Ransomware is a unifying theme insofar as all industries and organizations are impacted. All industries and organizations need to be aware and should connect to discuss approaches to preventing and mitigating this form of cyberattack.
The format of the meeting allowed for presentation and, most importantly, peer to peer discussion. This enabled the interchange of views, sharing challenges, offering techniques and hearing solutions – which were appreciated by participants and demonstrated the need to involve your entire organization in dealing with ransomware.
Our cross vertical meeting identified these resources as helpful for navigating the threat of ransomware:
- Cybersecurity Ventures: Cyberwarfare – 2021 Report
- Institute for Science + Technology (IST): Ransomware Task Force Final Report
- Identity Force: 2021 data breaches
- CoveWare: Ransomware Attack Vectors Shift as New Software Vulnerability Exploits Abound
- Palo Alto Networks: Complete Zero Trust Network Security
- Mitre Corporation: Ransomware Resource Center
- Ponemon & Experian: Eighth Annual Study: Is Your Company Ready for A Big Data Breach?
- Kloke (Doug Peckover): Complimenting Zero Trust
- US Department of Justice: InfraGard Connect to Protect
- US Federal Bureau of Investigation: Ransomware
- Federal Financial Institution Examination (FFIEC): Appendix D: Managed Security Service Providers
- NIST SP 800-34: Contingency Planning Guide for Federal Information Systems
- NIST SP 800-53: NIST Risk Management Framework
- Cybersecurity & Infrastructure Security Agency: Ransomware Guidance And Resources
- U.S. StopRansomware.gov: Cybersecurity Resources from Across the Federal Government
- European Banking Authority (EBA): Guidelines on outsourcing arrangements
- New York State: New York Department Of Financial Services Issues New Guidance On Preventing Ransomware Attacks