This updated matrix considers the threat frequency, enterprise vulnerability, and impact of ransomware
            and other malware.

            Remediating the ransomware risk

            How do you lower the risk associated with a ransomware attack? Historically, prevention and detection
            have  been  the  main  defenses  against  malware,  but  for  ransomware  we’ve  already  shown  these
            approaches are only moderately effective. Recreating lost data is usually impossible or impractical. Some
            victims have paid to recover their data, but this is a chancy (and morally ambiguous) approach. Further,
            data encrypted by worms like NotPetya are unrecoverable.

            This leaves recovery as a keystone strategy to minimize the impact of ransomware to your organization.
            An automated, tested recovery plan for all your critical systems is the best way to minimize the damage
            inflicted by a ransomware attack. Infrastructure such as Active Directory, DNS, and DHCP must be your
            top priority because they are foundational to recovering everything else on your network.

            Ransomware attacks are the leading cause of organizational IT disruption today. Business continuity and
            disaster  recovery  planning  need  to  take  this  new  reality  into  account  and  update  their  risk  analysis
            accordingly.  Recovery  has  traditionally  taken  a  back  seat  to  prevention  and  detection  for  malware
            protection, but today rapid, automated restoration of your systems and data may be the only shield your
            organization has against corporate Armageddon.

            i  Multiple sources – Microsoft SIR, Verizon, etc.

            ii https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-reach-20-billion-usd-
            by-2021/

            iii  https://www.recordedfuture.com/state-local-government-ransomware-attacks/

            iv   "Shut the door to cybercrime…" Ignite 2017, BRK3016, 35:45


            About the Author


            Mickey Bresman, CEO, Semperis
            Mickey is a co-founder of Semperis and leads the company’s
            overall  strategic  vision  and  implementation.  A  long-time
            enterprise software expert, Mickey began his technical career in
            the Navy computing technical unit over a decade ago. Prior to
            co-founding Semperis, Mickey was the CTO of a Microsoft gold
            partner integration company, YouCC Technologies, successfully
            growing  the  company’s  overall  performance  year  over  year.
            Mickey  holds  a BA  in  Technical  Management and  a  Minor  in
            Electronic Engineering.
            Mickey  can  be  reached  on  Twitter  at  @ber_mic  and  at  our
            company website http://www.semperis.com/





            Cyber Defense eMagazine – August 2020 Edition                                                                                                                                                                                                                        76
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.