It's no secret that the technologies and practices behind ransomware are evolving.
With every new cybersecurity approach, there seems to be a whack-a-mole nature to protecting against new ransomware methods. The chief victims of ransomware's newest obsession are the assets of critical infrastructure and industries.
Attacking the inflection point between physical and digital assets in critical functions such as healthcare, manufacturing, and energy creates more urgency and pain than conventional cyberattack strategies.
This is the problem that Trevor Dearing, Illumio Solutions Marketing Director, and Eric Hanselman, S&P Global Market Intelligence Chief Analyst, sat down to discuss in their recent webinar.
Watch this clip to get insight into organizations' expectations and preparation for ransomware, and watch the full webinar here.
Here are the three cybersecurity recommendations for critical infrastructure organizations shared during the webinar.
1. Critical infrastructure must prepare for exponential ransomware increase
The critical infrastructure obsession for bad actors makes a cynical amount of sense, and industry leaders are well aware of the impacts that come along with it.
"Ransomware attacks in healthcare have increased by 328 percent in H1 2022 alone," said Dearing. "Every day we read about yet another attack."
The number of cyberattacks is up - and their strategies are evolving quickly.
"One thing we've seen a lot lately is using ransomware as a denial-of-service attack. If you can stop a medical scanner or monitor in a hospital from working, then that has a major effect that people will pay up to prevent," explained Dearing.
2. New ransomware threats require new cybersecurity approaches
Organizations have felt immense pressure to rapidly expand hybrid IT in the past few years, but their security practices oftentimes haven't kept up with these changes.
"OT teams are substantially more concerned about security aspects of what they're building and deploying than traditional IT teams are," Hanselman said. "The approaches from the OT and IT side are often not fully aligned."
Furthering this misalignment between IT and OT, the trend towards rapid digital transformation makes organizations more vulnerable to ransomware in places where both sides of the cybersecurity coin needed to operate in perfect lockstep.
"A lot of organizations don't understand what the extent of the problem is," said Hanselman. "Organizations are relying on traditional methods to manage this. New problem, old approach."
Dearing chimed in, explaining, "Plans are based too much on what used to happen, compared to the impact ransomware actually has on a business today."
This discrepancy shows up in the data. Hanselman highlighted a swathe of S&P findings from a survey on the expectations versus realities of traditional endpoint security:
Out of 32 percent of organizations that expected their endpoint security to interrupt an attack, only 25 percent of them found such success.
On the flip side, while only 7 percent of respondents assumed they would have to pay a ransom to restore their data after a ransomware attack, a whopping 22 percent did so in reality.
3. Address ransomware risk with Zero Trust Segmentation (ZTS)
Fortunately, the toolkit is there to meet these myriad challenges head-on.
Dearing and Hanselman lit up as they discussed the pathways forward for organizations struggling to combat the onslaught of ransomware.
Dearing highlighted the importance of visibility, a strength of the Illumio ZTS Platform.
"One of the keys between OT and IT is the ability to see what is talking to what. It gives us that capability to understand where we need to put security policies in place," he explained.
Another one of ransomware's vicious traits is lateral movement within an organization. It's remarkable how quickly bad actors can pivot from a vulnerable endpoint to a critical function. Staying ahead of those movements is critical.
"[There's a need] to adopt a new way of thinking. Rather than always trying to keep the ransomware out, we should understand how we can contain that ransomware and keep the business running, even during an attack," said Dearing. "That's fundamentally one of the key things Illumio does for their customers."
It's clear there's an urgency for those who haven't made the jump to cyber resilience to understand where they're at and what they need to do next. But after Dearing and Hanselman's conversation, it's also clear that the right solutions are out there to stay ahead of ransomware's evolution.
ZTS is the fundamental building block of any security strategy
ZTS is proven to help organizations of all sizes, from Fortune 100 to small business, stop breaches and ransomware in minutes, save millions in application downtime, and accelerate digital transformation projects.
New research from Enterprise Strategy Group (ESG) surveyed 1,000 IT and security professionals worldwide to discover that 9 in 10 organizations are focused on advancing Zero Trust to prevent breaches from being catastrophic.
The research finds that those prioritizing segmentation, a pillar of any Zero Trust strategy, achieve better business and security outcomes - from averting 5 cyber disasters annually to saving $20.1M from avoiding application downtime.
The Illumio ZTS Platform is the industry's first platform for breach containment. Scalable yet easy to use, Illumio ZTS provides a consistent approach to microsegmentation across the entire hybrid attack surface - from multi-cloud to data center to remote endpoints, from IT to OT.
The platform visualizes all communication and traffic between workflows, devices, and the internet in one console, automatically sets granular segmentation policies to control unnecessary and unwanted communications, and isolates high-value assets and compromised systems to proactively or reactively stop the spread of a breach.
Ready to get started with Illumio Zero Trust Segmentation? Contact us today for a demo and consultation.