By Amos Aesoph, CISO
The latest trend in cybersecurity threats involves outsourcing. While in the past, most cybercriminals did their own “work” hacking into your system, a growing threat today is from third party providers who offer their services to other criminal buyers who want into your company’s data. This “Ransomware as a Service” model has grown into highly organized, profitable networks focused on taking as much money as possible from your business.
According to one study, the demand for as-a-service cybercrime was so high that 15 new affiliate schemes appeared last year. Security training firm KnowBe4 says that nearly 10% of all ransomware funds collected in the first quarter of 2021 went to these illicit third-party “providers.”
What does this mean for your IT team?
- Greater risk and more work: you can expect your environment to be under constant attack from experienced fraud “shops.” Cybercrime tactics will continue to escalate, including phishing, social engineering, and new ransomware strains you’ve never experienced before.
- More scrutiny: IT leaders are often held responsible by company leadership for failure to properly protect their company from ransomware or having a tested backup and recovery strategy. If you don’t have the right security protections in place, someone’s job may be in jeopardy--and it could be yours.
- Insurance demands: due to high-profile breaches, many companies are now expecting vendors and partners to have cyber liability insurance. To avoid having to pay out, insurers are increasingly asking companies’ IT to put certain protections in place, including endpoint detection and response (EDR) controls, and test their security measures to ensure coverage.
If you haven’t talked about ransomware and security measures with your C-level leadership yet, the conversation is likely to come soon. Xigent can help you proactively evaluate your security measures, so you can present your leadership team with a plan that meets your needs and budget.