Most breaches are preventable if organizations follow their own security policies.
Nearly every day brings a new slate of ransomware victims, with low-risk, high-reward attacks against all types of organizations.
Now more than ever, partners have to respond intelligently and quickly to help their customers fend off cyberattacks. And if those clients do become ransomware victims, partners must help them get through it with as little damage as possible.
But how do partners accomplish this? We asked the experts.
During this Channel Partners Conference & Expo presentation, “The Cybersecurity All-Star Panel: The Fight Against Ransomware,” April 12, cybersecurity all-stars will provide attendees with expert views on how to navigate ransomware strategies. Those include fighting ransomware, lessons learned from the pandemic, regulatory requirements and when it’s acceptable to pay.
The all-star panel includes:
- Etay Maor, Cato Networks’ senior director of security strategy.
- Kevin Johnson, Nfinit’s vice president of product strategy.
- Ray Watson, Masergy Communications’ vice president of technology.
- Tony Anscombe, ESET’s chief security evangelist.
In a Q&A, Maor and Johnson give a preview of what they’ll share with attendees.
Channel Futures: Are there right ways and wrong ways for companies to form defense strategy so they don’t become ransomware victims? Moreover, can you give some examples?
Etay Maor: There are many wrong ways to go about your ransomware defense strategy. The first and biggest one is thinking you are not a target for ransomware groups. That assumption needs to go out the window fast. Next is to have a plan in mind, but not just an IT-oriented plan. A ransomware attack is not an IT issue; it is a business issue.
The plan, which should be written, distributed, understood and simulated, should include stakeholders from every relevant group in the company – IT, security, board, HR, PR, legal, etc. In addition to the common best practices (backups, endpoint protection, intrusion detection systems, etc.), organizations should consider having a known law enforcement contact and a ransomware negotiator on retention. They should also understand how to purchase cryptocurrency or have a third party help with that, if that is part of the plan, and understand the laws and regulations. You really don’t want to try and learn this as it is happening. Be prepared.
Kevin Johnson: As with most things in life, there are rights and wrongs, and then a lot of in-betweens depending on what the business can handle. The biggest wrong is to think that your business does not fit the profile to be a target. No business or individual is too big or too small. The biggest hurdle is getting people to understand that ransomware can target companies or individuals, but that is not the only way it spreads. It is just looking for an unlocked door and then wanders in to do its thing. Education and simulation go a long way to help protect an organization.
CF: What aren’t organizations doing that they should be doing to protect themselves and their customers from becoming ransomware victims? Furthermore, how can cybersecurity providers help?
EM: Organizations need to understand that you shouldn’t rely on multiple security point solutions. In every case I have investigated, the attackers were on the victim’s network for days, weeks and sometimes months. Some of the systems, like endpoint protection systems and security logs, had clear alerts that there is malicious activity on the network prior to the ransomware payload deployment.
Why were they missed? Well, with large organizations having 50-70 security systems in place, the poor security analysts are trying to …