As #RansomwareWeek draws to a close here on the (ISC)² blog, we turn our attention to how organizations can defend themselves. Yesterday, we announced that (ISC)² has granted free access to its "Ransomware: Identify, Protect, Detect, Recover" course through the Professional Development Institute to anyone who is interested in learning more about prevention and remediation. That’s because the consequences can be dire for organizations.
The days of ransomware attackers demanding a few hundred dollars for a decryption key are long gone. Attacks have gotten more severe, and perpetrators have become bolder, demanding multimillion-dollar payouts from their victims. In March, CNA Financial reportedly paid ransomware attackers $40 million.
Paying ransom, however, may solve one company’s problems but could make it worse for everybody else. “In some recent cases of ransomware attacks, the victim organizations have paid huge amounts to the attackers, which can be one of the reasons these attacks are getting more popular,” says Paul Webber, Senior Director Analyst, Gartner.
Instead of paying, he says, organizations should place a stronger focus on preparation and early mitigation. Gartner has issued a document li ..
Support the originator by clicking the read the rest link below.
