Securing against ransomware

vchal via Getty Images

Note from the editor

Businesses have a problem: Industry and law enforcement don't know the exact number of attacks that took place this year, last year or any year prior.

Some of that confusion is simply because some cyberattacks are so nuanced, it's not always obvious to label them ransomware. And because some of the most sophisticated ransomware strains are human-operated, security teams are often left guessing whether an attack is still ongoing. 

The unanswered questions can leave companies reluctant to report an incident, leaving gaps in what industry, government and law enforcement can do to prevent more attacks. 

Security professionals hail cybersecurity basics as the best defense against ransomware — regular patching, multifactor authentication and, maybe most importantly, information sharing. 

Read on to learn what goes into ransomware preparation and response, and expectations for managing the ever-increasing risk.

Samantha Schwartz Reporter

Boards rethink incident response playbook as ransomware surges

Corporate boards are no longer rubber-stamping assurances from CIOs or CISOs but are bringing in outside experts, asking more questions and preparing for the risk of personal liability.

• Published Sept. 15, 2021

Want to quickly recover from ransomware? Plan ahead

Security teams need to understand how the business will work when an attacker limits access to its systems.

• Published July 15, 2021

War room preparation key to ransomware response, experts say

Companies need to assemble stakeholders ahead of an attack and be ready for potential fallout from litigation, reputational risk and operations disruption.

• Published Oct. 11, 2021

Behind the Firewall: 5 security leaders share incident response plans

With a strong plan in place, security teams can jump immediately into action when a cyber incident occurs to — hopefully — mitigate the damage.

• Published July 30, 2021

A security expert's guide to the top-exploited vulnerabilities

The biggest and baddest ransomware groups love an easy vulnerability.

• Published Aug. 4, 2021

What ransomware negotiations look like

Fear can overwhelm the decision of whether to pay a ransom. But in negotiations, companies have to take a backseat.

• Published Sept. 9, 2021

Avoid paying ransoms, Gartner says. Instead, focus on situational awareness

In the event of a ransomware attack, CISOs need to pause amid chaos and gain a better understand around steps to recovery.

• Published Oct. 20, 2021

How to keep business operations running after a cyber incident

While companies need to move quickly to mitigate the cyber event, they're also starting from behind. Once an incident happens, businesses have to catch up.

• Published July 23, 2021

Cybersecurity drills don't have to be 'fight or flight,' training creators say

Cyber training has followed "a very dangerous path," the co-founders of Hook Security said. But a humorous approach may turn things around.

• Published Sept. 15, 2021

Everything CISOs need to know on securing against ransomware

Cyberattacks are so nuanced, it's not always obvious to label them ransomware. The unanswered questions can leave companies reluctant to report an incident, leaving gaps in what industry, government and law enforcement can do to prevent more attacks.

included in this trendline
  • War room preparation key to ransomware response, experts say
  • Behind the Firewall: 5 security leaders share incident response plans
  • What ransomware negotiations look like
Our Trendlines go deep on the biggest trends. These special reports, produced by our team of award-winning journalists, help business leaders understand how their industries are changing.
Davide Savenije Editor-in-Chief at Industry Dive.