Threat actors have evolved tremendously in recent years. But ransomware has become by far the most common attack launched against state and local governments. And, with an average ransomware attack costing over $4 million dollars between the ransom and remediation the costs of defending against ransomware is a significant burden for agencies that are victims of an attack.
Agencies once relied on backing up their data to survive a ransomware attack, today there’s more that can be done today. Specifically, agencies don’t have to simply hope they’re not a target, or survive an attack but can take steps to stop attacks from happening by validating the efficacy of their ransomware defenses by deploying daily automated tests based on current ransomware trends.
During a webinar focused on best practices for ransomware prevention Matthew Sweeney, Director of Software Engineering at Mandiant, explained how running routine tests can help improve data security. “Protecting against [ransomware] attacks in a realistic context are really a vital part of [an agency’s] defense. We’re not taking data that is sensitive to the organization and putting it at risk… We’re running a real attack, but we’re doing it in safe way.”
Following an assessment, the agency’s security team can see how far the white hat attackers were able to penetrate their system and identify existing security vulnerabilities. Sweeney and his team have found that with each test, organizations improve their data security, are better able to respond to ransomware attacks, and more effectively prevent threat actors from breaching security protocols.
“The wealth of information generated by a ransomware defense validation test gives agency cybersecurity leaders the context to help you apply this information effectively,” said Sweeney. “To be able to continuously validate the effectiveness of cybersecurity defenses is an invaluable opportunity to defend against what can, at times, seem like the inevitable.”
With the looming threat of ransomware attacks state and local government agencies can rest assured that there are more options to defend against attacks than ever before. With the ability to continuously, and automatically, validate their security posture against real attacks in a controlled manner. By taking proactive steps to strengthen and improve data security, agencies can stop ransomware attacks before they even begin.
Learn more about defending against ransomware here.