Express Computer
Home  »  News  »  How Can CISOs Reduce Downtime During a Ransomware Attack?

How Can CISOs Reduce Downtime During a Ransomware Attack?

0 69

By Wayne Hankins, Senior Director Analyst at Gartner

The threat of ransomware attacks has escalated over the years, affecting organizations with disruptive aftermaths and downtimes. Meanwhile, chief information and security officers (CISOs) are under increased pressure to defend and minimize the effects of a ransomware attack on their organization.

To help improve an organization’s resilience during a ransomware attack, cybersecurity leaders, must prepare to execute a coordinated containment strategy that helps them stay resilient and recover quickly from future attacks. Failure to do so will increase the risk of uncoordinated and ineffective response, prolonging the recovery time.

How To Develop a Containment Strategy?
CISOs should work with stakeholders to develop a containment strategy to mitigate the impacts of a ransomware attack. The key objective of this strategy is to reduce the time from the attack to the containment point while limiting the disruption within the business. CISOs must follow these steps to get started:

– Identify business-critical systems and the business impact. Lean heavily on business stakeholders to help identify these crown jewels.

– Assign the level of impact these systems have on the business.

– Work with SMEs (such as architects and vendors) to understand the organization’s capabilities to isolate infected systems. The containment methods need to be clearly defined and tested.

– Predetermine the contamination risk levels for your systems. Examples of contamination risk levels include systems with little to no interdependencies, which may have a lower value than systems with many interdependencies.

– Finally, document this work in your containment strategy workbook.

Integrate the Containment Strategy into Your Cybersecurity Incident Response Plan
Due to ransomware’s impact on a business, Gartner recommends creating a ransomware playbook that includes the processes and procedures for managing this type of attack. CISOs must integrate their defined containment strategy into their enterprise’s cybersecurity incident response plan and/or ransomware playbook.

Finally, once the integration has been successfully executed, CISOs must test the reliability and effectiveness of the containment strategy in conjunction with the cybersecurity incident response plan and ransomware playbook. They must use a tabletop exercise to test their enterprise’s capability to execute its Incident Response Plan and Ransomware playbook. It will also help identify gaps in both documents that will require improvements.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image