Posted by TD SYNNEX Editor on Feb 15, 2022
Photo by Mohamed Hassan from Pixabay
Ransomware attacks pose an undeniable threat to the global business environment, reaching levels that easily qualify as an epidemic. According to Cisco, the total number of distributed denial-of-service (DDoS) attacks worldwide will reach 15.4 million by 2023.
Rapid technological advancements are also making matters more complicated. Now, the technology behind ransomware attacks is evolving and becoming more sophisticated than ever. One of the most effective preventative measures involves forming a comprehensive security plan powered by next-generation technologies, the kryptonite for cybercriminals.
We’ve sat down with security expert Alex Ryals, VP, Global Security Solutions at TD SYNNEX for a deeper dive on this critical topic and how we can expect the cybersecurity landscape to evolve within the near future.
This article is a transcript of an interview conversation. The content has been edited for clarity and brevity.
First, it’s important to understand what the issue is around ransomware. It’s become an epidemic around the country and the world. CEOs cite ransomware as one of their top concerns around threat vectors for their organizations.
Ransomware attacks used to be limited to withholding data until a ransom was paid. A few adjustments in tactics later, attackers now gather data and threaten to release it publicly or alter the data and demand a ransom to identify what changed.
In this most frightening scenario, companies can become stuck grappling with inaccurate data about their customers and finances as employees continue their everyday jobs. This ransomware attack trend has hit the scene very recently, and we will continue to see this worsen throughout 2022.
Per incident cost, organizations are rethinking how they spend their dollars. We’ve seen companies increase the security aspect of their IT budgets from about 10% in 2020 [1] to 15–40% in 2021 [2] because they are realizing the importance of mitigating these security risks.
Threats take an average of 287 [3] days for companies to detect and contain and ransomware attacks don’t always happen right away. Often, companies are compromised by nation-state actors who will spend those 287 days in your network evaluating it, researching it, understanding what your production and test servers are and who the key players are in the organization. Then, they proceed to launch a ransomware attack against your most critical devices and systems. So, focusing on threat detection technologies to identify the threat beforehand while it’s still dormant, is a critical part of ransomware mitigation.
Attacks can come from everywhere. Some threats come from phishing email scams, while others disrupt the network. One of the main causes of ransomware attacks is misconfigured systems. The threat can be complex and multi-directional, which is why we teach customers this concept of what we call zero-trust and defense in depth. Zero-trust is the idea that you verify the identity of every user and device that wants to connect to your network. Defense in depth is the idea that you can’t just put up a firewall and call it a day — you must have the multi-layers depth of security solutions to truly protect your organization.
Ransomware is going to continue to evolve. I’ve mentioned that we’re starting to see cybercriminals modify your data. They don’t encrypt it or steal it — they change it, which presents several issues.
Cybersecurity skill shortages present a widespread problem today, which is why TD SYNNEX has launched programs such as our Passage Program™ that focuses on training people with cybersecurity skills and placing them in our channel community so that they can help their customers.
Malware automation is going to continue to become more sophisticated, as hackers are now using artificial intelligence engines to write phishing emails. An AI engine can sound more human than an individual who wrote a phishing email a couple of years ago. Previously, you could detect a phishing email because the messages appeared broken with grammar errors. Well, now you will find it very difficult to spot the real from the fake — which means more phishing attacks.
Attacks on remote workers will persist. We experienced this trend during the past year, but as it becomes the norm, hackers have figured out that home networks are much less secure than corporate networks, so compromising an executive working at home is an easier target. Thinking about how we advance remote worker security is critical.
When we examine ransomware mitigation solutions specifically, we think about it in terms of what we want to provide that
With those three steps, it comes down to what products and services do we need to have in each of those categories to offer an effective solution. One of the ways we approach this is through our StreamOne™ Ion Enterprise cloud marketplace by offering Click to Run™ solutions. These are pre-configured cloud-based offerings that combine two or more vendor products along with services and some customization, delivered via an automated deployment.
For security, we have launched a Ransomware Mitigation solution that incorporates an endpoint security offering, backup/recovery solution and a SIEM (Security Incident and Event Management) offering. The SIEM is the single pane of glass view where we can identify a security threat across the servers, storage, networking, applications and endpoints. The Ransomware Mitigation solution leverages a customized version of Microsoft Sentinel for the SIEM which includes custom policies and configurations out of the box.
In addition to the products, we’re coupling services with support where we can help you deploy the offering and even manage it in some cases. Our services are a part of intellectual property (IP), which supports the technology. Along with the innovative technology that goes behind each of these solutions, we’re also offering materials and collateral to help the partner be effective in selling these solutions.
We’re starting to see more regulation around cybersecurity in the US. In Europe, they launched the General Data Protection Regulation (GDPR) and some cybersecurity and data privacy-related controls. This will apply within the next year or two in the Americas as well. So, with that in mind, partners need to begin ramping up security efforts.
Pay attention to the regulation and invest now as a partner in cybersecurity because as the regulation hits, customers will need to have offerings to stay competitive and ahead of the evolving security landscape. TD SYNNEX is committed to releasing new and upgraded solutions over time that partners can sell to their customers in need of enhanced security offerings.
To learn more about our catalog of Click to Run™ offerings, please visit the Solutions Factory. Also, be sure to check the StreamOne™ Ion Enterprise Platform to explore our security-based solutions.
Sources:
[1] Deloitte Insights: Reshaping the Cybersecurity Landscape
[2] SC Media: Security Spending will Top 40% in Most 2021 IT Budgets
[3] IBM Report: Cost of a Data Breach Hits a Record High During Pandemic
