Insight by Gartner

Managing risk as ransomware popularity grows

Protecting Cyber Assets as Ransomware Attacks Rise

Ransomware and cyber ransom attacks are gaining attention as they continue to wreak havoc on critical infrastructure and important networks.

The attacks are likely part of the new normal when it comes to living in an increasingly connected cyber world, but that doesn’t mean that businesses and government agencies are helpless.

“We can’t stop the attackers, they’re going to come after us, whether it’s deliberate, whether it’s direct, whether it’s collateral damage, public, private, doesn’t matter,” said Jeffery Wheatman, vice president and advisory conference chair at Gartner, during a discussion sponsored by Gartner. “That being said, we do know that there are people that are targeted out there, there are organized, there are agencies that are targeted. The first thing to understand is we can’t prevent this, all we can do is build a program of readiness.”

That program of readiness is created around a culture of careful cyber tactics that need to be constantly reinforced.

Wheatman said training, education and awareness can cut back on how easily hackers can get into important networks. Companies need to back up their information so that data isn’t taken hostage. However, the threats are getting more concerning. Malicious actors are exfiltrating and encrypting data and threatening to release private information.

“Let’s face it, ransomware is big business. It’s state sponsored. It’s organized crime. The latest incident we just saw, they’re thinking there might be $70 million worth of ransom paid,” Wheatman said. “That’s a reason for people to break into a business for sure. Ransomware is big business, and it’s going to continue to get bigger.”

Wheatman said part of the pushback against ransomware and other cyber attacks is to rethink how companies and agencies think about cybersecurity.

“Not only do we need to buy tools, but we need to use them in the right way. We need to focus them on the right problems and we need to understand our questions before we start answering,” Wheatman said. “It’s not always about what can I buy? It’s about how do we solve problems? How do we strike this balance? How do we decide how fast do we drive on the highway? If the speed limit is 65, do we drive 100? Or do we drive 50? It’s about this balance. After many, many years, our clients are starting to recognize that that balance is the way to engage with the problem. We can’t stop all risk. It’s impossible.”

Organizations need to decide what their appetite for risk is based on the data they protect.

“If you have a very high appetite for risk, maybe you patch your systems in 60 days or 90 days, if you have a very low appetite for risk, maybe you patch in seven. And that’s a discussion that we help clients have all the time,” Wheatman said. “The reality is, if we take no risk, we have no business, we have no opportunity. Risk and opportunity are opposite sides of the same coin, essentially. And we need to start working with that as our driving sort of mode of engagement rather than throwing all kinds of money at problems and essentially aiming for zero risk, which is just not achievable.”
