As the final installment in our 6-part series on the need for multiple layers of protection against ransomware, let’s take a look at how centralized ransomware visibility ties these layers together and helps you improve your security posture. In the world of cyber security knowledge is power. One key element is threat intelligence, which provides us with critical knowledge that helps to build better products and stop potentially catastrophic cyber attacks in their tracks. But beyond malware threat intelligence, having visibility across the enterprise is also critical, especially when it comes to ransomware and the potential catastrophic impacts it can have. When you centralize that insight into how ransomware is impacting the organization, you can begin to identify key points of weakness and start tackling cyber security in a more proactive, strategic way.
Ransomware isn’t going away anytime soon. At Trend Micro we believe that as organizations look at how to tackle the number one threat facing them today, having central visibility will help them to get smarter and faster in their response.
A billion-dollar problem?
Ransomware has cost organizations and enterprise businesses hundreds of millions of dollars since it burst on the scene a few years ago. Reported FBI figures for the first quarter of this year alone have estimated losses at $209 million for the US– a huge spike from the figure of $24m for the whole of 2015. And that’s just cases that were reported. But losses can’t simply be measured from pay-outs for decryption keys. They also include downtime and lost productivity, damage to brand and reputation, and service disruption that can result from outages. At this rate, it could easily be a billion-dollar problem by the end of the year.
In terms of ROI, ransomware is one of the best ways cybercriminals have of making money today. But while the majority of attacks come via web and email channels targeted at employees, that’s not the whole picture. The bad guys are increasingly looking to exploit other weaknesses in the organization – accessing the network via unsecured third parties, for example, or exploiting unpatched vulnerable servers.
Seeing the whole picture
Leveraging threat intelligence information from the Trend Micro Smart Protection Network, Trend Micro has blocked over 100 million ransomware threats since October 2015. That’s because our solutions offer a layered defense against attacks – from the email and web gateway to the endpoint, network and servers. But with a threat that could strike at any part of the IT infrastructure, you need centralized visibility into all of these layers. This will give IT security and operations teams the kind of real-time information they need to fight back and not be held hostage by a ransomware attack.
With the ability to see the whole picture, you will be empowered to answer questions like:
Of course, there are even wider benefits associated with improving levels of visibility into your IT security environment. Most notably, having the ‘whole picture’ allows IT bosses to show the Board exactly how they’re proactively protecting the organization against ransomware attacks over time. Data on where ransomware is getting into the organization could even help make the case for additional security investments.
Trend Micro Delivers Central Visibility
As a part of a layered defense strategy against ransomware, organizations should have multiple security controls in place, across email, endpoints, network and servers. Trend Micro Control Manager offers highly intuitive, centralized security visibility across all these layers from a single console, helping to reduce IT complexity and stay on top of the ransomware threat. It provides: