A comprehensive lifecycle approach to ransomware defense

  • Solutions
  • Cybersecurity and Risk
  • Karl Klaessig
  • 2021
November 17, 2021

Ransomware defense: A man's left eye shows while binary code covers the rest of his face.

Ransomware continues to be a costly and growing problem. According to Infosecurity Magazine, the number of ransomware attacks grew 288% between the first and second quarters of 2021. Cybersecurity Ventures estimated a ransomware attack occurs every 11 seconds, Cybercrime Magazine reports.

The resulting price tag from ransomware is truly staggering. Cybersecurity Ventures further ransomware damages could cost victims approximately $20 billion globally in 2021, and that ransomware costs would increase to $265 billion by 2031.

Why ransomware defense efforts fail

Your technical and business managers may recognize the threat and high cost of this cybercrime, but ransomware defense strategies are too often haphazard.

Many organizations continue to treat ransomware as a technology or IT matter alone, or as a business continuity or cyber compliance controls issue—instead of developing a comprehensive ransomware defense program.

Ransomware is often thought of in the context of threat detection and response, but this viewpoint also comes with a host of problems. For example, security operations are often stymied by too many tools, manual processes, and limited security staff and skills.

This results in a perfect environment for ransomware adversaries to circumvent controls, encrypt data, extort victims, and demand ransom payments.

Countering ransomware: A 4-phase approach

To defend against ransomware, organizations like yours need to change their defense approach. The best way to ensure end-to-end cybersecurity is with a strategic, four-phase lifecycle program:

  1. Planning: Organizations need a specific plan focused on ransomware defense. This plan must be supported at all levels and across all departments—security, IT, compliance, risk, and business management.

  2. Prevention: Although no action will guarantee ransomware immunity, organizations can take pragmatic steps to make ransomware attacks less likely and more costly for cyber adversaries to conduct.

  3. Incident response: You need an incident response plan that’s been tested and fine-tuned.

  4. Continuous improvement: Once a ransomware attack is fully under control, organizations should strive for continuous improvement by taking steps, such as assessing all aspects of a ransomware event, conducting an impact analysis, and identifying an improvement plan.


Integrate security, risk, and IT technologies

Ransomware defense should be managed as a closed-loop lifecycle program with each phase influenced by its predecessor and impacting its successor. Because this demands tight coordination across security, risk, and IT technologies, ServiceNow offers a complete portfolio of IT, security, and risk management tools that spans all four phases of ransomware defense.

Learn more in the Enterprise Strategy Group white paper, A prudent approach to ransomware defense.

© 2021 ServiceNow, Inc. All rights reserved. ServiceNow, the ServiceNow logo, Now, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc. in the United States and/or other countries. Other company names, product names, and logos may be trademarks of the respective companies with which they are associated.

Topics

  • Work-study program student Jasmine M. with ServiceNow employee Albert O.
    Careers
    Work-study program offers high schoolers a start in tech
    We’ve partnered with Cristo Rey San Jose Jesuit High School’s Corporate Work Study Program since 2020 to empower students from underserved communities.
  • RPA: group of workers gathered around a conference table looking at a laptop
    AI and Automation
    Forrester report: ServiceNow debuts as a Strong Performer in RPA
    In our very first year of entry, ServiceNow has been named a Strong Performer in The Forrester Wave: Robotic Process Automation, Q1 2023. Find out why.
  • Generative AI capabilities: man in glasses looking intently at open laptop
    Now on Now
    How ServiceNow is using generative AI capabilities across its operations
    Generative AI capabilities can deliver rich experiences and unlock the potential of technology, people, and processes. Find out how we use them at ServiceNow.

Trends & Research

  • RPA: group of workers gathered around a conference table looking at a laptop
    AI and Automation
    Forrester report: ServiceNow debuts as a Strong Performer in RPA
  • #1 in ITSM, AIOps and IT Operations Market Share: Organizations around the world count on ServiceNow in times of change.
    IT Management
    ServiceNow is No. 1 for AIOps, IT operations, and IT service management categories by market share
  • ESG technology: green surrounding a river, woman smiling, 2 government employees in conversation
    Cybersecurity and Risk
    Survey says ESG technology drives results

Year