CIRO arms firms to face ransomware attacks | #ransomware | #cybercrime

In the wake of those efforts, the SRO has published a report that sketches out a framework for dealing with ransomware attacks, “which continue to be prevalent and are growing in volume and sophistication, [and] have resulted in significant financial losses and caused considerable reputational damage to a number of companies.”

When a firm is hit with a ransomware attack, the report recommends that dealers’ business continuity and incident response teams provide an analysis of the financial, operational and reputational impacts of the event, in both the short and long term, which arms the firm’s executive team to make sound decisions to cope with the attack.

“This framework enables the executive team to consider the range of impacts to the business and thus make an informed business decision whether to pay the ransom or not,” it said.

The decision about whether to pay off an attacker requires executive teams to consider a range of factors, it said, from assessing the likely financial impact of the incident, including whether it’s cheaper to pay the ransom than cope with the effects of the breach; to evaluating the operational impact. Regulatory considerations, such as whether paying a ransom enables the firm to best meet its duty to protect clients’ confidential information, are also a factor.

There are also reputational factors to consider, including the impact of an ongoing operational disruption on a firm’s reputation, the fallout from the fact that a firm’s data was compromised, and the reputational repercussions of paying a ransom.

“Reaching a decision to pay a ransom to a criminal actor is challenging,” the report said. “It raises emotional issues regarding the possibility of paying a ransom that ultimately rewards criminals. However, a ransomware attack presents a range of business risks to an organization, all of which need to be considered when deciding on how to respond to a ransom demand.”

Source link


National Cyber Security