Ivanti’s Ransomware Spotlight year-end report, conducted in partnership with Cyber Security Works and Cyware, found that there are now a total of 157 ransomware families, an increase of 32 from the previous year.
Targeting unpatched vulnerabilities and weaponizing zero-day vulnerabilities in record time enables ransomware families to inflict debilitating attacks. They are also evolving, finding new ways to compromise valuable organizational networks, as well as expand their attack spheres, to implement and trigger high-impact attacks.
But it’s not all bad news: as ransomware threats increase, so do sophisticated countermeasures. These barriers offer protection and can drastically reduce the damaging effects such attacks can have.
The MAP for your cybersecurity journey
By reducing attack surface areas and proactively scanning and monitoring for threats, countermeasures reduce the time and human resources spent on defenses.
Building scalable, framework-aligned cybersecurity protocols is particularly important in the age of the ubiquitous workplace. To achieve this, companies must embark on a three-step journey: Manage, Automate, and Prioritize (also known as MAP).
The first phase, Manage, focuses on establishing the cybersecurity foundation of the business. The second, Automate, eases the burden on IT. The last one, Prioritize, maps out how to get to a point where IT can identify and act on the top areas of risk.
There is a simple 6-step process for a comprehensive MAP strategy:
Step 1: Gain Full Asset Visibility
It is impossible to manage what is not found. Automated platforms that improve visibility into all connected devices and software also provide contextual information on how those assets are being used. This data is vital to organizations’ IT and security teams and helps them make well-calculated and effective decisions.
If comprehensive enough, this discovery initiative will find all assets, from corporate-owned devices to Bring-Your-Own-Device (BYOD) devices. This gives insight into who, how and when these devices are used and, more importantly, what they have access to. Security teams can take this knowledge and use it to improve asset protection.
Step 2: Modernize device management
In remote and hybrid work environments, one of the essential parts of increasing security is modern device management. To maximize user privacy while keeping corporate data secure, companies should implement a unified endpoint management (UEM) approach that is fully BYOD compliant.
UEM architectures typically include the ability to establish device hygiene with risk-based patch management and mobile threat protection. They also make it easy to monitor device posture, ensure compliance, and quickly identify and remediate issues remotely. When choosing a UEM solution, it’s important to choose one with management capabilities that span a wide range of operating systems and that is available both on-premises and through software as a service (SaaS).
Step 3: Establish device hygiene
Good device hygiene isn’t just about patch management; it should also involve taking a proactive, multi-layered approach. Ensuring that the only devices that can access business resources are those that meet defined security requirements will reduce the digital attack surface.
There are several vulnerabilities that businesses need to be aware of: device vulnerabilities (vulnerable OS versions, jailbroken devices, etc.), application vulnerabilities (suspicious application behavior, security risk assessment, etc.), and network vulnerabilities (unsecured Wi-Fi, malicious devices, access points, etc.). The build processes that help identify these vulnerabilities are well defined and repeatable. The eventual automation of routine security tasks can help companies establish high-level device hygiene.
Step 4: Ensure users are safe
Once threat actors obtain passwords, they can be weaponized. In data breaches, login credentials continue to be the most sought-after type of data, being involved in 61% of breaches. One particularly vulnerable area is single sign-on (SSO) solutions. This is because they create a single point of failure that hackers can use to gain access to most or even all business applications.
So what is the solution? Passwordless authentication via zero login. Replacing passwords with alternative multi-factor authentication provides a much more secure layer of defense. Examples of these alternative authentication methods can be possession, context, or inherence (biometrics, such as fingerprints, Face ID, etc.).
Step 5: Secure the Perimeters
With the changing world and the rise of the Everywhere Workplace, the network perimeters that were sufficient for the office are not efficient for this new world. Because of this, networks for today’s enterprises must be built on software-defined perimeter (SDP) principles. SDP can be integrated into existing security systems to take advantage of proven, standards-based components. It is worth noting that SDP still requires a layer of security to receive maximum benefits, which is where Zero Trust Network Access (ZTNA) is needed.
Step 6: Monitoring for improvements
One of the main problems with security posture assessments is that they are often reactive to an attack. This, combined with the lack of filled IT positions, causes a big problem. To mitigate threats and maintain compliance, getting control of governance, risk and compliance (GRC) management is imperative. IT should look for a solution that has quick and easy regulatory documentation imports to map citations to security and compliance controls. This, along with replacing manual tasks with automated, repetitive governance activities, will help in monitoring cybersecurity defense methods.
With the right comprehensive and integrated solutions, businesses can ease the burden on IT staff and preserve an efficient, productive, and intuitive user experience. With this, companies can maintain integrity regardless of where, when or how their employees choose to work.