While 64.8% of polled executives say that ransomware is a cyber threat posing major concern to their organizations over the next 12 months, only 33.3% say that their organizations have simulated ransomware attacks to prepare for such an incident.
“As some ransomware can evade antivirus tools and attackers find more ways to pressure victims to pay ransoms, these attacks often have national and global repercussions. There’s no time to waste when it comes to honing and testing incident response programs for ransomware and other cyber events.”
To get an idea of how prepared an organization is to address a ransomware attack, Norton says business leaders can ask specific questions designed to probe the depth of the cyber program’s ransomware detection, prevention and response capabilities.
Questions leaders can ask to gauge their organizations’ ransomware preparedness.
Does our organization’s cyber incident response plan address ransomware attacks specifically? Leading organizations have developed and tested cyber incident response plans, but not every organization has one and not all directly address the nuances of ransomware attacks.
Has our organization considered adopting zero trust to help bolster cybersecurity against ransomware and other threats? Removing automatic or inherited trust given to users, workloads, networks, and devices can help organizations shore-up security gaps created by digital transformation, M&A activity, rapid cloud adoption and continued remote work that ransomware actors frequently take advantage of.
