The group started their conversation by discussing how the combination of good cyber hygiene and end-user social awareness can go a long way towards helping combat ransomware. The group discussed the use of security awareness campaigns, with a particular focus on the idea of rewarding employees who are able to successfully identify things like phishing campaigns linked to ransomware. Next, the group discussed the importance of reviewing cyber insurance on a regular basis. As new threats come along, it’s important to make sure that these new dangers are also covered in some capacity under your cyber insurance. One group member noted that in the wake of recent RaaS attacks, they had to add coverage for these kinds of incidents.
One of the big RaaS defense measures the group spent time talking about was sharing information. Regardless of industry or vertical, it is important that when something like a RaaS attack happens, information is shared among your fellow security professionals to help prevent the rapid spread of, and damage caused by, these attacks. By keeping effective lines of communication open and discussing potential defensive measures with your security peers, the community as a whole benefits greatly and can maintain better defenses.
The group also discussed the question of “should you pay a ransom?” A number of major government and security agencies have varying answers on this dilemma; however, the group felt that the answer is going to really vary from company to company depending on a number of factors like legacy systems, company size, and whether there is a need to keep a separate bitcoin budget in case of ransomware incidents.