RadarFirst Blog

Privacy’s Role in Mitigating Ransomware

Highlights:

  • Ransomware is a growing threat, showing no signs of slowing down
  • The role privacy plays in mitigating ransomware
  • The importance of a playbook for ransomware incident response
  • Register for the free ransomware webinar with ConfigureTek and RadarFirst on October 26

Read more below.

mitigating ransomware | radarfirst

Not a week goes by without a new ransomware attack in the headlines — with new demands, payouts, and general chaos. “Ransomware has rapidly emerged as the most visible cybersecurity risk playing out across our nation’s networks, locking up private sector organizations and government agencies alike,” states the United States Cybersecurity Infrastructure and Security Agency (CISA).

Ransomware has hit all industries including healthcare providers, governments, financial services, critical infrastructure, and food industries — causing extensive downtime, economic harm, and potentially other damage to information, systems, and even individuals.

Industry leaders contend that ransomware is showing no signs of slowing down, with healthcare one of the most targeted industries. As a result, hospitals are facing financial pressure and disrupted patient care.

A recent report from the U.S. Department of Health and Human Services (HHS) indicates that 60% of ransomware incidents this year have hit the health sector.

Is Ransomware on Your Radar?

Ransomware has been around for a while; we outlined general best practices for a strong security posture back in 2017. CISA describes ransomware as an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable.

Hackers exploit weaknesses in security to steal or lock sensitive data — holding the organizations’ data hostage — demanding millions of dollars in payment. They will give you the key to access your system, or return the files, once the ransom has been paid.

The Importance of A Playbook for Ransomware Incident Response

How an organization manages its response to privacy and security incidents — including ransomware — determines the level of risk to its business, brand, and customers.

To be successful, companies must develop an incident response process that accounts for the evolving nature of threats, copes with limited resources, and complies with complex breach notification laws.

While ransomware is typically considered a security challenge, it is increasingly becoming a privacy concern, according to Caitlin Fennessy, CIPP/US, IAPP staff contributor in her IAPP article, “Ransomware, data protection and compliance.”

Fennessy stresses the importance of pursuing risk-mitigation strategies, including developing a playbook that includes these elements in mitigating ransomware:

  • Reporting requirements
  • Data protection and breach notification requirements
  • The legality and efficacy of paying

As you regularly update your incident response management efforts, be sure to add in steps to manage and mitigate ransomware. CISA offers ransomware best practices and recommendations — including a ransomware response checklist — intended for those involved in developing cyber incident response policies and procedures and those coordinating cyber incident response. When an incident occurs, how does your team respond? Evaluate your team’s incident response readiness with these tabletop exercises.

When developing a consistent incident response and breach notification program — and especially with ransomware emerging as a big threat — Kelly Burg, lead product manager at RadarFirst, recommends organizations evaluate their obligations.

For example, when it comes to determining harm: can an organization make the determination solely on its own or must it be done in collaboration with other entities, such as law enforcement? Read more in her Risk Magazine article.

Two Steps Forward: Honing Your Incident Response Process Amid Ransomware

Those in privacy know that the status quo is not enough. In privacy, you can’t afford to take a step backward — let alone two steps. Radar can help you move forward by providing intelligent incident response to ensure consistent, efficient, and objective risk scoring of privacy incidents.

This helps to reduce unnecessary notifications and reduce the risk of reputational damage from over-notification — ultimately, helping your organization level-up in terms of trust.

Interested in learning how to automate ransomware mitigation and recovery?

Register for the ConfigureTek webinar on October 26th to learn how to mitigate ransomware through automation. This free webinar boasts a variety of industry experts including Doug Kruger, VP of business development at RadarFirst.

You may also be interested in:

Topics: Incident Response Management