Articles

The state of ransomware and preparing for attacks

Jeff Schwartz, CISSP, is the VP of Engineering, North America, for global cyber security company, Check Point Software. He manages a team of 200~ engineers across multi-disciplinary fields, and he’s responsible for all security engineering resources across a $1 billion portion of the business in North America. Over his 20-year career in cyber security, Jeff has consulted, designed, and overseen the implementation of the largest network security deployments across all industries, and throughout both the Fortune 500 and major government agencies.

In this interview, Check Point’s VP of Engineering, North America, Jeff Schwartz discusses ransomware threat trends, the world of ransomware and remote work, and how to prepare for attacks. This interview provides premium cyber security insights that you won’t want to miss.

What ransomware threat trends are you seeing?

We see that ransomware is not only increasing in terms of individual attacks, but also as-a-service. The operationalization of ransomware –as both an attack vector and a monetization model for threat actors- is certainly increasing in a consequential way.

Among organizations that have traditionally treated both endpoint compromised and the mobile consumption of applications as ancillary elements of their security operations, the effect has been tremendous.

Speaking to that a bit further, the impact of ransomware on mobile devices is also increasing substantially. And, what we’re seeing is that, for the most part, adoption of security controls with preventative characteristics in relation to mobile and IoT are having a net-positive operational effect.

Can you speak to the effect of supply chain attacks?

We’ve seen these types of attacks manifest in significant ways recently. There were a number of severe events across the past few months that were quite impactful.

These companies owned cyber security products. So, it’s not just a function of investing in secure solutions and then operationalizing them within your environment. The question becomes, ‘are you investing in vendors and providers that have security built into their DNA?’

Organizations should find out about whether or not and, if so, how vendors are secured. This is not merely a compliance exercise, this is not a checking the boxes activity. Strong cyber security ensures business continuity. In the world of supply chain attacks, it’s not just about selecting products with the right features, but how critical those vendors take security in protecting their own products from exposure.

The relationship between remote work and ransomware?  

Remote access is being prioritized in this post-COVID environment. Your end users and the devices that they access resources from is the new security edge. The surface area of exposure that this represents in most organizations is enormous. Traditional security approaches to solving these areas of exposure at scale and with proper preventative controls are inadequate.

Up until this point, there have been decades worth of investment in traditional antivirus and more recently, investment in endpoint detection and response. Nonetheless, there is currently an extremely fragmented security approach within product adoption for remote user populations, especially given the diversity of assets, the diversity of the user populations themselves, and the diversity of applications that require access and security enforcement. At present, the greatest ransomware risk emerges from these domains.

How can organizations prepare for ransomware attacks?

There are real risks, and even at a low volume, some attacks will get through. The question is, ‘what is your capacity to respond in real time with preventative controls and to map those against other artifacts that may exist on the network?’ And ‘how can we mitigate those or remediate in as near-real time as possible’?

For answers to these ransomware questions, threat prevention best practices, approaches to stronger security enforcement and more, be sure to watch this highly informative webinar. Lastly, sign up for the Cyber Talk newsletter here to receive premium expert insights in your inbox each week.

Back to top button