One of the biggest mistakes a business can make is blindly throwing technology at the problem instead of properly investing in building a security team.

Ransomware attacks are a deadly blow to small start-ups and global giants alike. As people in the security industry, we can say unequivocally that the question is no longer whether a company will be hit by ransomware, but when. Software security is a foundational part of network security, and one of the most effective ways to improve it is to find and fix defects during development with static code analysis tools.

Data shows that the cost of correcting a defect during the testing and release phase is 15-90 times the cost of finding and fixing it during the coding phase, and 50-200 times if the defect is found and resolved after delivery to users. Finding and resolving as many defects as possible during coding therefore greatly reduces the cost of defect management; available statistics estimate the saving at least 1/3.

With ransomware kits easily bought and sold, companies are more vulnerable to cyber attacks than ever before. There is no complete solution that prevents ransomware attacks, so what can companies do to minimize their impact?

Measuring the cost of a bug is a difficult task, and there is no one-size-fits-all framework.

However, quick recovery depends on one important thing: a well-developed cyber incident response plan. The plan should define in advance the activities and metrics that will be tracked, such as attrition rates (short and long term) and licensing costs, and assign project managers to track vendor work reports, time spent, the security of software components, and so on, so that the picture is clear.

Having someone measure these seemingly small details gives a more accurate picture of the total cost of an attack, which is often much larger than companies realize.

It is also necessary to separate costs into short-term expenses (ransom payments, cyber insurance premiums, legal fees and consulting fees) and long-term expenses (reputation/media, sales and training). For example, we use a tool that contains standardized tasks, dependencies, owners, and many other metrics that security teams can start logging immediately. Regardless of the specific tool you use, it is important to sit down and list exactly what you need to track, and to do so collaboratively across all teams.

One of the biggest mistakes a business can make is blindly applying technology to the problem instead of investing properly in building a security team. Organizations often spend hundreds of thousands of dollars on endpoint detection and response (EDR) solutions while neglecting to retain and invest in high-quality security leadership and human talent.

Other costly mistakes include:

Ignoring the basics

Simple mistakes can be costly. According to IBM research, a bug life cycle of less than 200 days costs $1 million less than a life cycle of more than 200 days, so even small adjustments that reduce that time can save a lot of money.

The most common cause of exploitable security vulnerabilities is a breakdown in vulnerability management (for example, missing patches, or skipping code security audits during development so that defects ship). Bugs that are ignored can be disastrous.

No clear ownership

CIOs and other IT decision makers almost always prioritize business operations plans over security, so make sure you have a good ambassador who can clearly communicate security priorities to senior leadership. That way, your team will not be kept in the dark during important leadership conversations.

Ignoring warnings

Ignoring such warnings is often where serious problems begin.

Once you have a plan in place, built on a well-defined measurement framework, you can begin to invest time and resources strategically to build it out. So what should you invest in? Beyond your incident response plan and security staff, you should prioritize the following specific areas.

Start with network segmentation.

With laptops, smartphones and Internet of Things devices all connected, organisations today present a large attack surface. But a business can save millions of dollars by ensuring that an attacker can only damage one device, rather than moving laterally and unimpeded through the environment.

Back up and store critical data, including your IT golden images, offline. If you cannot maintain a full offline backup, at least ensure that the backup cannot be accessed with domain administrator credentials. Ransomware operators deliberately target backups; do not make it easy for them. Once the backup program is up and running, make sure the backup is refreshed at least once a month. With backups, not only can you return to normal operations more quickly, you can also see what went wrong months ago, which is often critical for root-cause analysis.

Throughout my time in the industry, it has been clear that the more critical processes, tools and plans companies lack for cyber security after a cyber attack, the longer an organization’s systems are down.

Reference link:

www.darkreading.com/attacks-bre…