How to achieve ransomware resilience in three steps

Article by Bitglass CTO Anurag Kahol.


Amid a global pandemic that has challenged organisations to shift to remote operations, cyber-criminals are ramping up their attacks, particularly with ransomware. Malicious parties are taking advantage of the ‘new normal’ work environment to launch ransomware attacks that target gaps in companies’ security postures.

Organisations need to have adequate cybersecurity controls in place as attackers are in a prime position to exfiltrate personally identifiable information (PII) or get their victims to pay ransoms.

All organisations need advanced threat protection to stop ransomware attacks and ease the impact if they do occur. By deploying the right technology, firms can build a resilient IT ecosystem that ensures business continuity.


Implement on-device SWG

The internet serves as a valuable vehicle of attack for cyber-criminals, which is why defence against malicious web destinations (malware, phishing, and command-and-control sites) is critical. This protection is best achieved through the use of a secure web gateway (SWG).

This technology helps organisations to defend against online threats by stopping access to malicious destinations in real-time. However, as otherwise innocuous web destinations can be used to download infected files (for example, through file attachments on Gmail), being able to scan files for threats at download and block them in real-time is critical functionality.

Businesses should use an on-device SWG that decrypts and inspects traffic locally on each endpoint, avoiding backhaul latency, privacy violations, and the cost and scalability challenges associated with SWG appliances.

Additionally, leading SWGs should serve as one part of a secure access service edge (SASE) platform along with technology such as cloud access security brokers (CASBs) and zero trust network access (ZTNA) for reliable, wide-ranging protection.


Deploy multi-mode CASB

CASBs are designed to secure the cloud for organisations, providing defences for corporate software-as-a-service (SaaS) apps and infrastructure-as-a-service (IaaS) platforms.

CASBs can be deployed in different modes that can shield against ransomware in…