The Cost Of Ransomware

In this episode of Life of a CISO, Dr. Eric Cole focuses on ransomware.

Ransomware is when an adversary hacks into your system and makes your critical data inaccessible until you pay a ransom.

Many of the practices we rely on to prevent ransomware are ineffective in real-world scenarios.

Many of us are careless and use the same device for surfing the web and checking email as we do for accessing critical data.

Watch this episode to learn how you can defend yourself against ransomware.

In this episode:

  • 0:21 Ransomware is where malicious software takes your data hostage
  • 1:00 Many organizations confuse replication with backup
  • 2:00 The difference between replication and backup
  • 4:23 Work with IT to do exercises on what the response would be to ransomware attacks
  • 4:56 Organizations do not fix vulnerabilities
  • 5:08 They don’t have a plan for an attack
  • 7:53 Ransomware is a cyberattack for profit
  • 8:48 If you have the vulnerability, the bad guys will find it (again)
  • 10:55 Should you pay the ransom?
  • 12:20 Organizations that don’t pay the ransom aren’t helping themselves
  • 13:04 “Let’s make paying ransom illegal” is a terrible idea
  • 14:55 When drugs became illegal, the price increased and crime became organized
  • 15:24 How vulnerable are your systems?
  • 18:22 A world-class CISO delivers what he promises, and is honest if he doesn’t know
  • 19:15 How do the attackers get in?
  • 22:50 Why is email a file transfer system?
  • 24:11 I have an iPad only for checking email/surfing the web
  • 25:35 3-tier architecture
  • 27:04 Server attacks
  • 27:51 Critical infrastructure systems MUST be air gapped
  • 30:01 Review