Organizations of all sizes and across industries continue to be challenged with managing the risk and impacts of ransomware attacks. Developing a methodical approach to strategize, plan, identify, research, resolve, recover, report, and prevent ransomware attacks is critical to effectively mitigate the inherent risks and impacts posed by ransomware. One of the greatest challenges ransomware attacks present is the breadth of possible attackers and attack vectors.
Incidents like the Colonial Pipeline ransomware attack are serious warnings for organizations. They highlight the urgency that, no matter what industry you’re in, you must operate with the mindset that you are a target and take action to ensure that your people are aware and processes are equipped.
Beth McKenney, Principal, Technology Risk Management group, KPMG LLP
If you don’t prepare your company may potentially face significant risks and impact, such as:
Restoring data from an older recovery point can result in a significant amount of lost business transactions or other critical data.
Data encrypted during the attack may not be able to be recovered, resulting in a significant loss of data.
Paying the ransom can lead to being targeted more in the future,
To mitigate against these risks, companies need a 3 pronged approach.
Read more in our new point of view article, Technology Risk Management professionals discuss ransomware risks and how organizations can plan against, prevent, and respond to ransomware attacks that may be a threat to their business.
