Ransomware Prevention Research
A CISO or cyber risk leader needs the right data to give them insights into where they might be most exposed or at-risk to experience an attack. Over the course of two and a half years, Bitsight’s research team analyzed hundreds of ransomware events to estimate the relative probability that an organization will experience a ransomware event. Four key areas bubbled to the top.
While no organization is immune from determined cyber criminals, there are best practices for minimizing the likelihood of experiencing a successful ransomware attack. Chief among them is a relentless focus on cyber hygiene—a set of essential practices and tasks a company uses to keep systems, data, and users secure every day. Good cyber hygiene significantly lowers the chance of cyber incidents.
The analysis looked back over five six-month periods, benchmarked against companies with a high Bitsight Security Rating for security effectiveness. At a high level, the data shows:
- The lower an organization's Rating, the more likely it is to become a ransomware target. For example, organizations with a Rating below 600 are 6.4 times more likely to be successfully targeted by ransomware than those with a Rating of 750.
- Poor patching cadence correlates to a nearly sevenfold increase in ransomware risk for companies with a C grade or lower.
- Companies with a C grade or lower in TLS/SSL Configurations are nearly four times more likely to be a ransomware target.
- Companies with a C grade or lower in TLS/SSL Certificates are roughly three times more at risk of a ransomware incident.
Bitsight continuously and non-intrusively assesses organizational cybersecurity performance by evaluating security performance observations across 23 different risk categories. Bitsight processes more than 250 billion security measurements on a daily basis to provide an objective Security Rating based on its observations that is independently verified to be correlated with risk of incident.
Letter grades provide a quick way to understand how a company is performing in each risk type, as well as a meaningful way to compare risk type performance of one company to another. They are directly correlated to how well a company is performing, relative to all companies in the Bitsight inventory:
- Grade A is the top 10% of companies.
- Grade B is the top 30% of companies.
- Grade C is the top 60% of companies.
- Grade D is the bottom 40% of companies.
- Grade F is the bottom 20% of companies.
Figure 1: Risk Based on Patching Cadence Grade. Poor patching performance correlates to a nearly sevenfold increase in ransomware risk for companies with a C grade or lower.
Figure 2: Risk Based on TLS/SSL Certificates Grade. Companies with a C grade or lower in TLS/SSL Certificates are roughly three times more at risk of a ransomware incident.
Figure 3: Risk Based on TLS/SSL Configurations Grade. Companies with a C grade or lower in TLS/SSL Configurations are nearly four times more likely to be a ransomware target.
Conclusion: Cyber hygiene matters
It’s unlikely that a lapsed TLS/SSL configuration or a missed patch would be the singular, direct cause of a successful ransomware attack. But such lapses indicate that the cybersecurity program has poor cyber hygiene and may have gaps in vulnerability management, a challenge with Shadow IT, or weak program management, all of which increase cyber risk. A program with good cyber hygiene and high maturity will effectively address concerns like patch, vulnerability, and configuration management. While the Rating and risk vectors offer specific evidence, reducing ransomware risk will come from an overall improvement in cyber practices.
Companies that demonstrate strong cyber health have a lower risk of successful ransomware and other cyber attacks, offering a variety of positive benefits:
- Preventing catastrophic outcomes, such as financial losses and business downtime
- Instilling stronger brand reputation and trust with partners, vendors, and customers
- Increasing the chance of gaining cyber insurance coverage and better premiums
Interested in seeing how effective you are at preventing the risk of ransomware? Get your organization’s Bitsight Security Rating and see how your security compares to industry benchmarks or explore more details about our ransomware research.
Avoiding Ransomware with Bitsight
Bitsight is the world’s most widely adopted security ratings solution, providing data-driven, dynamic measurements of an organization’s security performance. Bitsight enables security performance management and third-party risk management that can help security teams minimize the chances of a successful ransomware attack on their organization.
Security Ratings
All Bitsight solutions are built on Bitsight Security Ratings, which are independently verified to correlate with data breach risk. Rather than conducting periodic scans, Bitsight continuously processes more than 250 billion security measurements on a daily basis to provide an objective security rating based on an organization’s performance across 23 risk vectors. These daily cybersecurity ratings range from 250 to 900, with the current achievable range being 300-820. The risk vectors include categories such as compromised and exposed systems, patching rates, critical vulnerabilities, user behavior, and publicly disclosed data breaches.
Bitsight Security Ratings provide a common language that is understandable by both technical and non-technical employees, executives, and board members. And most importantly for ransomware prevention, independent research shows that Bitsight Security Ratings correlate to data breaches. For example, companies with a Security Rating of 500 or lower are nearly five times more likely to have a breach than those with a rating of 700 or higher.
Security Performance Management
With this Bitsight solution, security and risk leaders can measure the performance of their cybersecurity programs to align investments and actions with the highest measurable impact over time. When determining how to avoid ransomware, Bitsight for Security Performance Management offers insight into the organization’s control of peer-to-peer file sharing, patching cadence, security hygiene, and other security protocols that can help to mitigate the risk of ransomware.
Third-Party Risk Management
This Bitsight solution immediately exposes risk within the supply chain, helping to identify risky issues that could enable a successful ransomware attack originating within a vendor’s network. The insight Bitsight offers into vendors’ security performance enables organizations to act swiftly to help vendors address their security issues and to put controls in place to protect the organization.