Ransomware Special Reports

How to protect your firm from attack By Ann-Marie Corvin D ue to the sheer volume of ransomware and the efficiency with which attacks are carried “Signature-based ones compare ransomware sample hash to known

users to authenticate themselves on a regular basis to access a network and only giving people the rights and access needed to perform their role, risks are minimised and any incidents that do occur can be more easily contained.” Besides verification, the other pillars of zero-trust security include val- idating devices, limiting access to privileged users wherever possible, and then applying machine learning and AI to all these factors to step up the authentication processes where necessary. Malware detection techniques are also recommended to prevent attacks before they infiltrate a network. Lewis West, head of cyber security at Hamilton Barnes, broadly outlines three common methods of ransom - ware attack detection.

signatures; the second method compares new behaviours against historical data while the third, a de - ception-based method, use a ‘honey- pot’ to deceive malicious actors into interacting with a decoy system to expose what the hacker’s intentions are.” Ioan Peters, head of cyber risk at Kroll adds that deploying a managed de - tection and response (MDR) solution, benefitting from curated threat feeds, on-hand expertise and tactical advice can also mitigate some of the threats that are evolving daily. Addressing concerns over software vulnerabilities, Nigel Thorpe, tech - nical director at Secure Age adds that these can be alleviated in part by controlling and listing permitted

out – not to mention the abundance of platforms, apps and IT tools that offer bad actors a way in – most experts believe that firms should take the stance that it’s not a matter of if they get hacked, but when. As a result, the mantra ‘never trust, always verify’ has become this dec - ade’s de facto cyber security ap - proach. This strategy of ‘zero trust’ assumes that untrusted actors exist both inside and outside the corpo - rate network and every user access request must be authorised. This also means deploying multi-factor authentication (MFA) to access IT systems and updated access lists, according to KPMG’s Fouere. “With a combination of asking all


Powered by