Ransomware tabletop exercises and why you can’t ignore them

Desktop ransomware exercises allow you to test whether your business is equipped to deal with a ransomware attack and reduce its impact. If you want to know why this is essential, sample the following statistics: Every 15 seconds, somewhere a business is affected by ransomware. This number is expected to drop to 11 seconds by the end of the current year. Since 2016, the US alone has seen 4,000 ransomware attacks on a daily basis. This is the most prominent malware threat in the world and can bring a business to its knees for an average of 21 days. And then test your preparations in a virtual environment.

The management of most organizations is aware of the fact that ransomware and cyberattacks can and will come for them, damaging their reputation, affecting business operations and ultimately affecting profitability.

For those who are not yet aware of the formidable threat posed by ransomware, recent attacks on global giants like Colonial Pipeline, Acer, CNA Financial (which paid a whopping $ 40 million ransom) have been compelling wake-up calls.

The message is clear: if you want to protect the business continuity and reputation of the brand you have built very carefully, you need to have a plan to protect your business from ransomware attacks. You can also check our ransomware list to ensure your business is properly protected.

You need to train your team in response to cyber events, you need to work with your teams to create a ransomware response checklist and you need to check the response plans for your events over and over again, under a high voltage environment simulation.

Given the recent influx of ransomware attacks that businesses of all scales and nature have had to deal with, we at the Cyber ​​Management Alliance strongly believe that this decade will deal with defense against such attacks. The only surefire way to do this is to perform regular ransomware table exercises by hiring experienced external practitioners who can give your team the kind of rigorous practice and pressure required to think clearly when the attack does occur.

How to really test your organization’s resilience against ransomware attacks?

Organizational cyber resilience is built in two simple ways – (a) by creating an event response plan that outlines what IT and security teams need to do when your business is under attack. (B) By reviewing these plans over and over again, just as airline pilots are forced to do repeated simulations of various system failures that can occur while flying an airplane.

The logic behind these two test methods is quite simple – building muscle memory. You can have as many programs as you want, but if no one knows what they are and how to execute them, what good are those programs in the first place? Similarly, an airline can buy the most advanced aircraft technology and accompanying checklists. But if pilots are not trained to rehearse these test lists in imaginary environments that test their decision-making skills in the event of a malfunction, an unfortunate occurrence is inevitable.

The idea here is not to create fear, panic or chaos, but to move to the point where desk ransom exercises are now becoming as critical to business as ever.

What is a ransom table exercise?

A desktop ransom exercise is a verbal simulation exercise that mimics exactly what would happen if your business became a victim of a ransomware attack – what assets might be attacked, what hackers might require, and so on.

During the exercise, participants are invited to actually respond to the ransomware attack as they would if it were real. Then, their actions and decisions are reviewed by the expert external facilitator, followed by discussions on how things could have been better responded to. The ransomware table exercises also open up discussions on vital aspects of ransomware hacking preparedness such as “Will you negotiate with the criminals?”, “Will you pay the ransom?” and so ‘

Summary

The plague of ransomware is on the rise and there is no denying it. Some estimates suggest that over $ 350 million has been given to ransom payments in the past year alone, not to mention the business reputation and in many cases, daily services like gas supply, health services, etc. have been affected.

This trend is likely to only intensify as businesses become more dependent on digital infrastructure with each passing day and cryptocurrencies increasingly make it easier for criminals to accept anonymous ransom payments.

What businesses can do is simply protect themselves by giving priority to cyber security, cyber resilience programs and then repeatedly practicing what to do and how to behave when under a ransomware attack using desktop exercises. They can enlist the help of professionals who have been in the line of fire in the past and leverage their experience and expertise to refine their focus and perform effective ransomware table exercises.

If you would like more information about our Ransomware exercises for the desktop, click here or call us at +44 (0) 203 189 1422 or email us here.