Ransomware is unlike most threats security teams face because it is virtually impossible to prevent and uses native processes, built into your trusted operating systems, to rapidly spread.
So considering the speed and extent by which ransomware can topple an organization, what is the best approach for addressing this seemingly existential threat? We asked Forrester Research’s Joseph Blankenship and Chase Cunningham to share insights as part of a four-part series with Siemplify.
Part 1 examined the inherent need for automation inside the SOC. Part 2 revealed how orchestration and automation intertwine with an organization’s broader security efforts. Part 3 (watch below) will describe the impact of a ransomware infection and why the traditional prevention-only, “one-and-done” mindset has virtually no effect on keeping you protected.
“[A ransomware infection] is a likelihood of 100%,” Cunningham says. “It’s just a matter of when. And it shouldn’t end the business. It should be something you can respond to. But you can’t respond to it if you don’t have the capability to respond at scale. This is something that is going to require automated capabilities to actually fix the problem.”
The fourth and final part of our series, coming next week, will consider the role of security orchestration, automation and response (SOAR) technology within service providers. Enjoy this week’s video!