Ransomware: dealing with the aftermath

Ransomware is currently one of the greatest — if not the greatest — online threats to organisations right now.

And although cybersecurity teams are improving their ability to detect and block ransomware attacks, some will make it through. And, as we have seen with Wannacry and others, it is not just the direct targets of ransomware that are at risk.

And the consequences of a ransomware attack can go far beyond the initial disruption, and the financial costs of meeting the attacker’s demands. How, then, should CISOs deal with the aftermath?

In this episode we look at the 30 days after an attack, and the impact of ransomware attacks on operations and reputation, and how businesses can recover.

As our guest this week — Ed Williams, from Trustwave SpiderLabs — argues, ransomware needs attention from the highest levels of the business. But blocking it, and recovering from it, also means paying constant attention to the essentials of security.

Interview by Stephen Pritchard

Image by Pete Linforth from Pixabay