It’s a huge amount of money that organisations are losing on cyberattacks. But it’s also no surprise that a large proportion of victims are in critical infrastructure. Ransomware actors intentionally target operators of essential services who cannot afford any downtime for greatest chance of reward.
We cannot keep letting attackers hold our businesses to ransom. Cyberattacks are not going away, so organisations must prioritise increasing cyber resilience. This means assuming breaches will happen and focusing on reducing the impact of attacks on operations. Even more so, for those whose services are vital for the economy and society.
Security teams are doing their best and sharing intelligence on attack tactics certainly helps, but organisations can also no longer rely on traditional prevention and detection tools alone that were not built to contain and stop the spread of breaches. Attackers will always find new ways to execute attacks and seize payments so more emphasis needs to be placed on breach containment to severely limit the impact of these attacks.