Ransomware Payment: How to Determine the Worth of Your Data

BY RYAN TULLY
January 5, 2023

By 2031, ransomware attacks are predicted to cost organizations as much as $265 billion each year, with an average of one ransomware attack occurring every two seconds. How well is your organization protected? Do you have strategies in place to determine the worth of the data that’s being held?

Many organizations make ransomware protection mistakes that increase their financial and reputational risks. However, even those following best practices will experience some level of risk. If your organization does become the victim of a ransomware attack, it’s important to know precisely what data was compromised. This is the only way to determine how much it’s really worth to your organization.

What is ransomware?

Ransomware is a form of malware capable of taking control of your devices and data. These malicious programs encrypt files in your system and render them inaccessible unless a payment is made to the attacker. The cost of a malware attack is steep with an average payment of $812,360. While larger companies may be able to weather this storm, small and even mid-sized companies may be unable to recover financially should their organizations come under attack.

Should I pay a ransomware payment?

The FBI does not recommend organizations pay ransomware demands. However, other experts disagree. There are significant risks in paying a ransomware payment, including trusting a criminal party that may not actually release your data. In many cases, making a ransomware payment may also be illegal.

Unfortunately, one of the most common targets for ransomware attacks is critical infrastructure like hospitals and other healthcare facilities. The FBI’s Internet Crime Complaint Center reported 649 attacks on critical infrastructure entities in 2021, and the risks to these organizations only continue to rise. In these scenarios, payments may be made to expedite the return of essential services or in an attempt to prevent the release of sensitive data.

Ways to mitigate ransomware damages ahead of time

With more than 100 types of ransomware in circulation, your organization faces a massive outside threat. However, victims of ransomware attacks with comprehensive and data-centric security protocols face brighter futures than those in the dark on their company’s data. Here are the best ways to protect your organization.

Know the data in your control

How can you effectively respond to a ransomware threat without first knowing what information was stolen? The answer? You can’t.

You need to know your data. More specifically, you need to know what data you have and where it lives, from endpoints in a physical office building to data in the cloud. This also includes devices and information being accessed by remote team members.

By knowing what information you have and having it properly classified, you may even be able to shut down a ransomware threat immediately. If stolen data is already accessible through other outlets, your organization can make a decision on how to proceed based on the knowledge that data taken by the cybercriminals is effectively worthless as a bargaining chip.
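The triage described above can be sketched as follows. This is an added example, not code from the original post or any product; the inventory fields, labels and file paths are constructed assumptions.

```python
from collections import defaultdict

# Constructed inventory: storage location -> classification metadata.
# The field names and labels are assumptions made for this example.
INVENTORY = {
    "/shares/marketing/press": {"label": "public", "published_elsewhere": True},
    "/shares/hr/payroll": {"label": "restricted", "published_elsewhere": False},
    "/shares/eng/designs": {"label": "confidential", "published_elsewhere": False},
}

# Constructed list of files named in an incident.
AFFECTED = [
    "/shares/marketing/press/2022-q4-release.pdf",
    "/shares/hr/payroll/2022-12.xlsx",
    "/shares/hr/payroll/2022-11.xlsx",
    "/shares/eng/designs/board-rev3.dwg",
    "/home/jdoe/scratch/export.csv",
]

def classify(path, inventory):
    """Return metadata for the longest inventory location containing path, or None."""
    best = None
    for prefix, meta in inventory.items():
        # Match on whole path components so /payroll-old is not treated as /payroll.
        inside = path == prefix or path.startswith(prefix.rstrip("/") + "/")
        if inside and (best is None or len(prefix) > len(best[0])):
            best = (prefix, meta)
    return best[1] if best else None

def triage(affected, inventory):
    """Group affected files by what they mean for the response decision."""
    buckets = defaultdict(list)
    for path in affected:
        meta = classify(path, inventory)
        if meta is None:
            buckets["unclassified"].append(path)   # unknown data: must be reviewed
        elif meta["published_elsewhere"]:
            buckets["no_leverage"].append(path)    # already accessible elsewhere
        else:
            buckets[meta["label"]].append(path)
    return dict(buckets)

if __name__ == "__main__":
    for bucket, paths in triage(AFFECTED, INVENTORY).items():
        print(f"{bucket}: {len(paths)} file(s)")
```

Files that land in the unclassified bucket are the ones the inventory cannot speak for, which is the gap the section warns about.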

Actively monitor data for irregularities

Reaction time is critical when addressing cybersecurity threats. However, response times are often measured in days or weeks for many organizations. Proactive protection in the form of data monitoring presents a better approach to security.

An effective data monitoring program can give your organization insight into when files are accessed and by whom. Further, these programs can automatically flag anomalies to expedite incident response times.
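One way such a program can flag an anomaly is to watch for a single account changing many files across many directories in a short window. This is an added example, not code from the original post or any product; the audit-line format, account names and thresholds are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

CHANGE_ACTIONS = {"WRITE", "RENAME", "DELETE"}

def make_sample():
    """Constructed audit lines: ISO timestamp, user, action, path."""
    lines = [
        "2023-01-05T09:00:00 alice READ /shares/hr/policy.docx",
        "2023-01-05T09:05:00 alice WRITE /shares/hr/policy.docx",
    ]
    start = datetime(2023, 1, 5, 2, 14, 0)
    for i in range(40):  # one rename per second spread over eight directories
        ts = (start + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} svc-backup RENAME /shares/finance/d{i % 8}/f{i}.xlsx")
    return lines

def parse(line):
    ts, user, action, path = line.split(" ", 3)
    return datetime.fromisoformat(ts), user, action, path

def flag_bursts(lines, window=timedelta(seconds=60), max_changes=25, max_dirs=5):
    """Return {user: details} for users whose file changes inside `window`
    exceed both thresholds (threshold values are assumptions to tune)."""
    recent = defaultdict(deque)  # user -> (timestamp, directory) of recent changes
    alerts = {}
    for ts, user, action, path in sorted(parse(l) for l in lines):
        if action not in CHANGE_ACTIONS:
            continue
        q = recent[user]
        q.append((ts, path.rsplit("/", 1)[0]))
        while ts - q[0][0] > window:  # drop events older than the window
            q.popleft()
        dirs = {d for _, d in q}
        if len(q) > max_changes and len(dirs) > max_dirs and user not in alerts:
            alerts[user] = {"first_flagged": ts, "changes": len(q), "dirs": len(dirs)}
    return alerts

if __name__ == "__main__":
    for user, info in flag_bursts(make_sample()).items():
        print(user, info["first_flagged"].isoformat(), info["changes"], info["dirs"])
```

Requiring both thresholds keeps a single large save or a bulk edit in one folder from raising an alert, while the recorded first-flag time gives responders a starting point for scoping.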

Create proper procedures to address threats

Any worthwhile ransomware prevention checklist will include a comprehensive approach to cybersecurity. This includes more than just hardware and software solutions. Your team needs to be consistently trained on the ever-changing threat of ransomware. Your policies should also include clear incident response procedures that include notification and reporting plans.

Unfortunately, many companies fail to address cybersecurity threats adequately ahead of time. This leaves them increasingly vulnerable to threats as attacks become more sophisticated. Conversely, a robust data loss prevention strategy with a data-centric approach to security is the only way to reduce your organization’s risks.

Prevent and address the rising threat of ransomware attacks

To stop ransomware in its tracks, you need to be proactive. Your security solutions need to be powerful enough to protect against threats but customizable enough to allow your team to work effectively during day-to-day operations.

The Spirion Governance Suite offers full-featured solutions and a wide range of integrations to improve your security posture while remaining user-friendly. See how you can give your security team greater visibility and control over your organization’s data when you watch our product demo. You can also contact us with any questions you may have about our products.