The threats associated with cybersecurity have become the principal driver of risk not only to IT functions but to the business as a whole.

Ransomware, because of its multiplicity of attack vectors (insider threats, phishing, B2B gateways, …), the lowering of the capability barrier for threat agents that “Ransomware-as-a-Service” represents, and recent destructive strains such as WhisperGate, has become the “attack you don’t want to experience”.

Security awareness of the workforce, egress traffic monitoring, backup policies and a tested BCP are non-negotiable risk mitigation strategies.


Taking into account that HSE didn’t pay the ransom, it becomes abundantly clear that the main costs of a ransomware attack are twofold: tangible and intangible.

Tangible costs would include the cost of incident handling and response, disaster recovery and remediation, and obviously a costly re-evaluation of the current security posture and risk appetite, together with the implementation of the new security controls derived from the lessons learned. Not to mention the downtime, the costs related to the affected business-essential functions, and possible legal liabilities.

Intangibles like the reputational loss, a stressed workforce and a stressed supply chain are sometimes more difficult to evaluate but could well result in long-lasting consequences.

On a personal note I would like to stress the need for resilience through redundancy, a well-groomed BCP and a tested DRP.

Backups, backups & backups!


Luis Alfonso Rodríguez de Trío

Senior Cybersecurity Leadership / IT Director. MBA, CCISO, CISM, CEH, CHFI, ECIH, Security +, ECI.