Ransomware and cryptocurrency. The hybrid workplace. The cyber skills labor shortage. It’s all top of mind for CISOs, CEOs and board members concerned with these accelerating trends. The current ransomware phenomenon has leaders monitoring an evolving threat landscape as businesses and governments alike act to limit ransomware risk. The risks and the threat actors change, but the company’s primary goal remains the same: keep the business running. No one can afford an attack that shuts operations down for any length of time.
The availability of cryptocurrency — the mechanism for collecting most ransoms — has enabled and emboldened ransomware gangs. Meanwhile, leaders’ challenges with retaining skilled cybersecurity professionals compound risks and hinder resilience. What are the best ways to strengthen resilience and develop a broader security posture? Let’s take a closer look.
Cryptocurrency as ransom
While bad actors continue to steal data from small- and mid-tier businesses that lack a proper defense, better-funded targets can fend off most data breaches. Ransomware attacks, however, are on the rise for all organizations. They do more damage than breaches. Instead of merely stealing data, these attacks halt business operations, costing businesses lost revenue in addition to the ransom payment — creating more expenses as operations are restored.
Ransomware attacks are complex; attackers gain access to the environment and may remain there undetected for weeks or even months. They learn the locations of sensitive information and who the key employees are. Finally, they remove business-critical data and then take over system operations to stall and extort the business.
We know that ransomware gangs, our modern-day bank robbers, are smart, highly skilled and well-funded. The total value of ransomware-related suspicious activity reports during the first six months of 2021 was $590 million: more than all of 2020, according to a financial trend analysis from the U.S. Department of the Treasury. So, it was encouraging to see the Treasury, in September of this year, announce it’s taking several actions to disrupt virtual currency exchanges responsible for laundering ransoms, while also improving cybersecurity within the private sector and increasing incident and ransomware payment reporting to U.S. government agencies — all as a way to thwart ransomware gangs.
Bridging the cyber talent shortage
By far, the most critical threat to businesses today is the cybersecurity talent shortage. Businesses struggle to retain the people who can identify risks and close gaps to prevent a ransomware attack. Remote and hybrid workplaces — while initially COVID-19-driven concerns — have now introduced other workforce challenges.
Disruption of the cybersecurity workforce is a significant source of risk that impedes an appropriate response to cybersecurity issues. Strategies to backfill and retain a full cybersecurity roster are central to maintaining a strong security posture. Now, at a time when businesses have reason to augment cybersecurity teams, even highly desirable employers are losing good people to competitors. As such, leaders are leveraging both new and proven approaches to keep their best cybersecurity professionals on board and backfill via other means.
These leaders are building stronger relationships with employees to convey appreciation, enhance performance and build loyalty. With remote workforces, relationship building requires greater creativity and intentionality, such as virtual happy hours, 1:1 in-person coffee meetings or regular virtual check-ins with staff. Professionals also value empowerment in their role. Providing assignments with well-defined objectives and sufficient resources to achieve them enables staff to operate independently and perform well, and discourages them from looking for new jobs.
Leaders are also outsourcing routine functions like vulnerability scanning to specialists and augmenting internal security operations teams. Managed technical services offer staff augmentation paired with consulting expertise, so businesses can balance insourcing and outsourcing as they see fit.
Finally, we can’t ignore that people do leave for better salaries — even when they love their jobs and their working relationships. To stay competitive and retain quality talent, leaders may have to offer salary increases that exceed previous budget assumptions. By discussing these leading practices and potential pitfalls with the C-suite and board, businesses can realign compensation plans to reflect the higher rates cybersecurity professionals command now.
Where cybersecurity leaders and boards should focus
Looking to the future, cybersecurity leaders and board members must consider how resources are allocated to manage current and future threats. They will want to evaluate how the business changes over time through mergers and acquisitions or the adoption of emerging technology, all of which introduce new cybersecurity vulnerabilities. Businesses will drive progress toward cyber resilience maturity by factoring security considerations into every business decision, with a particular focus on the infrastructure, budget and resources necessary to recruit and retain a cyber-skilled workforce.