Integrating Ransomware Preparedness into Organizational Cybersecurity & Operational Resilience Capabilities

Integrating Ransomware Preparedness into Organizational Cybersecurity & Operational Resilience Capabilities

What is Ransomware?

Ransomware is a type of malware designed to provide an unauthorized actor access to an organizations’ systems and to deny the use of those systems until a ransom is paid. Perpetrators of ransomware attacks typically demand monetary compensation (ransom) to maintain the integrity and/or confidentiality of customer data or to return control of organizational systems and data back to the company.

While paying the ransom is often the desired outcome from many affected organizations, the negative impacts for organizations from such attacks are typically much more far reaching and tend to include loss of revenue, loss of Intellectual Property (IP), loss of sensitive information, reputational and legal damages. These negative impacts are further amplified by the severity and duration of these attacks which are evolving and becoming more sophisticated over time.

Macro trends in Ransomware Attacks

  • In Q4 of 2019, the average ransom paid increased by 104% to $84,116, up from $41,198 in Q3 of 2019.
  • 16 days of downtime is the average for companies experiencing a ransomware incident.
  • 33% of organizations pay the ransom demanded.
  • Ryuk and Sodinokibi ransomware software has been used to attack the enterprise systems of large companies to extort up to seven-figure payouts.
  • Smaller ransomware-as-a-service software, such as Dharma, Snatch, and Netwalker, continue to blanket small businesses with a high number of attacks and with demands as low as $1,500.

How can you Prepare for a Ransomware Attack?

The OCIE has identified information security and cybersecurity as key priorities for registrants. Among other resources, the SEC maintains a Cybersecurity Spotlight webpage that provides cybersecurity-related information and guidance. The Risk Alert provides several measures that registrants should consider in strengthening their cyber preparedness and operational resiliency to mitigate and/or minimize the effects of ransomware attacks.

Ransomware Preparedness Steps