Can’t see the forest through the trees. Can’t tell the ransomware from the apps. Can’t contain the malware if you can only see parts of the network. Ransomware hackers have several different tools in their toolbelt to gain access to a computer and then a network. Common exploits include email phishing campaigns, remote desktop protocol (RDP) vulnerabilities, and software vulnerabilities.

Enterprises have benefited from encapsulating applications into lightweight, independent units called microservices. By adopting an architectural pattern of loosely coupled and independently deployed services, microservices can rapidly deliver complex applications at scale without the typical technical debt of legacy applications.

National Cybersecurity Awareness Month (NCSAM), held every October, highlights a key theme each year. For 2022, the theme is: “See Yourself in Cyber.” Cybersecurity is more than a set of principles or tools—people are a major component, helping keep businesses safe by complying with multi-factor authentication, using strong passwords, keeping devices updated with the latest software, not installing unapproved software on devices, and reporting phishing.

In today’s business environment, the risk of a ransomware attack is high and continues to grow. Threat actors are well financed, motivated, and very organized. While securing your environment and infrastructure is critically important, preparation to respond to an actual ransomware attack is essential. With an incalculable number of potential vulnerabilities and attack vectors, you have to be prepared to effectively respond to and recover from an attack.

The State of Ransomware in Government 2021 report finds that government agencies are facing a ransomware “national emergency.” Local governments in particular face higher rates of encryption during cyber attacks due to constrained budgets and organizational pressure to divert funds away from cybersecurity, leaving gaps in their data protection.

Ransomware and other malicious threats have become commonplace around the globe. But the reality is, whether it be encrypted records, stolen email credentials, or exfiltrated financial statements, these incidents generally involve a limited number of individuals or groups. Before your feathers are completely ruffled, understand that by no means am I minimizing the impact cybercriminals can have on a business. But have you considered attacks of greater scale? Perhaps those that affect the populus?

Chris Krebs, former Director of the Cybersecurity and Infrastructure Security Administration (CISA) and the new Chair of Rubrik’s CISO Advisory Board, joined us at FORWARD to discuss ransomware, cyber resilience, and all things data security with co-founder and CTO, Arvind (Nitro) Nithrakashyap. His vast experience working with executives, government officials, and IT experts across the country has given him a unique insight into cybersecurity, which he shared, only at FORWARD.