Fueled by an expanded remote workforce from the pandemic , ransomware attacks increased 148%. At the same time, ransom payment demands are increasing quickly, with demands to the tune of $10 million and up becoming less and less rare. Additionally, more than 70% of ransomware attacks in Q4 involved the threat of data exfiltration as a means to encourage a ransom payment. However, payment is no guarantee that any of the stolen data will be returned, or in the case of data exfiltration, deleted.
The ransomware threat is very real and may seem overwhelming. However, there are concrete steps you can take to prepare your organization in the event of an attack. In this free guide, Marsh’s cybersecurity professionals share common concerns related to ransomware – and provide some best practices to address them.
What’s in the Guide?
1. How should I approach developing an incident response plan for a ransomware attack?
We walk you through the steps of developing a decision-making framework, which will help you analyze whether you can restore data and systems on your own and other considerations when deciding whether it makes sense to pay an extortion demand. We also address the regulatory implications of ransomware, the value of engaging external counsel and extortion services providers, and the importance of running a tabletop exercise – to name a few.
2. How can I limit potential exposure to attacks?
The top three ransomware attack vectors are remote desktop protocol (RDP) compromise, software vulnerabilities, and email phishing. Learn key cyber hygiene practices every company should take to mitigate the effects of a ransomware attack via these common attack vectors.
3. How much can a ransomware attack cost me – and what comes next?
Do you know the financial impact of a potential attack? It’s critical for your organization to frame cyber in the same terms as your other business risks, and evaluate risk management investments similarly. In the guide, we discuss how risk transfer can help protect your organization’s balance sheet and provide resources if risk mitigation tactics fail. Cyber insurance can provide comprehensive coverage for ransomware attacks, including the ransom demands, business downtime, and associated costs.