CNME Editor Mark Forker spoke to Satya Gupta, CTO at Virsec, to find out how the IT leader believes how a proactive, prepared and deterministic approach to security is the best way for enterprises to say protected from the ever-increased threat of ransomware attacks.
Over the last 12 months we have seen an exponential increase in the volume of ransomware attacks, with the most notably being the high-profile cases involving Colonial Pipeline and JBS in the United States.
The threat landscape of cyberattacks is ever evolving and they have become much more sophisticated and varied over the last number of years, which inevitably has made much more complex for enterprises to stay safe in the digital economy.
Satya Gupta is one of the most distinguished and respected security professionals and CTOs in the entire global IT ecosystem, and he revealed how time is critical when it comes to negating the impact of a ransomware attack.
“There is something really special about ransomware. If you think about what happens in a ransomware attack, your entire compute infrastructure can be totally laid to waste in a matter of seconds. From the perspective of today’s attackers, this is heaven, because they know they can have a company on its knees in a matter of seconds if high quality protection is not in place. At the same time, modern EDR solutions that leverage AI and Machine Learning techniques monitor events across time and cannot respond in a timely manner. A prominent company in the EDR space recently tweeted that they can detect sophisticated attacks in 36 minutes compared to 6.75 days for the rest of the industry. Now compare 36 minutes to 3 seconds, which is all it takes to wreak havoc. It feels like we are bringing a knife to the gun fight. If we persist with this approach, we know we will lose!” said Gupta.
Many security professionals still bemoan the sluggishness of some enterprises when it comes to their cybersecurity strategy, and Gupta stressed that the solutions needed to protect them from attacks are on the market and lamented their attitude which is one of ‘it won’t happen to me’.
“If you divide enterprises into three categories, such as small, medium, and large, very often we see this type of head-in-the-sand mindset exist among the small and medium-sized enterprises: who is going to come after us, what do I have of value to offer? However, that is an ignorant position to have because, from an attackers’ perspective, anything he can get off you is good enough. Too many businesses are underprepared, but it’s important to highlight that ransomware happens in two parts. The first part is that your data gets infiltrated, and then the attacker encrypts it to create that crisis and trigger a situation you don’t want to be in. The second stage of the attack is the extortion phase, where you need to acknowledge that there is information out there that can be used against you. But it is important to highlight that there are solutions in the market that can protect against ransomware attacks. Enterprises need to understand that you can be attacked at any stage. In this new digital world, you simply cannot afford to be complacent when it comes to your security architecture. You must protect your organisations starting today”, said Gupta.