Ransomware is a Board-Level Issue – Here’s Why

Najaf Husain, Cofounder, Elastio

Ransomware isn’t just a problem for the security team; it demands the attention of the board and C-suite as well. Ransomware can be ruinous for an enterprise – it can halt operations and inflict severe harm on a company’s reputation, all the while siphoning off financial resources. 

 Harvard Business Review research revealed that nearly 75% of boardrooms consider cybersecurity a priority, and many often engage in discussions on the subject. Given the high stakes of an attack, cybersecurity must be a core element of company culture – the board and C-suite must integrate cybersecurity into all their decisions and activities.

How does ransomware work?

Ransomware infiltrates a company’s systems and encrypts its data, rendering both the source data and any backups unusable. The individuals behind these attacks then demand a ransom, effectively keeping the compromised data as a hostage until the payment is made. In some cases, these attackers can lock businesses out of their own systems, resulting in a complete operational standstill. In other situations, the attackers may threaten to publicly release all the compromised data, creating substantial risks for the affected company’s reputation and regulatory compliance. A recent case of ransomware is the attack on MGM casinos. This attack caused a 36-hour outage in which the gaming floor, reservation services and websites were all offline, and hackers successfully gained access to personal customer data, including Social Security Numbers. All in all, MGM suffered an estimated $100M loss from the data breach. 

Why is ransomware a board-level issue?

 Ransomware is a top priority for the board and C-suite because its consequences can be devastating, impacting mission-critical aspects of the business: 

  • Extinction-level financial impact and operational disruption: Ransomware attacks can lead to an “extinction-level event,” combining substantial financial losses with severe operational disruption. Companies may find themselves compelled to pay ransoms, deal with expenses related to data recovery, and endure downtime, all of which can critically impact the company’s bottom line. For instance, consider the case of KNP Logistics, a UK logistics firm, which attributed its insolvency last month to a ransomware attack that occurred in June.
  • Reputational damage and loss of customer trust: If customer data is compromised, or if the company’s ability to fulfill commitments is hindered by an attack, it can severely undermine trust in the brand. A striking example of this is the BlackCat attack on Lehigh Valley Health Network, where the ransomware group exposed highly sensitive patient information, such as intimate images of breast cancer patients, medical questionnaires, and passports – recovering a positive brand image after such a devastating incident is very challenging.
  • Legal and regulatory consequences: In many regions, there are legal and regulatory requirements concerning data protection and breach notifications. Moreover, since ransom payments are typically hard to trace, organizations and their leaders could be at risk of violating US government sanctions by paying. Failing to protect against ransomware can result in legal action and regulatory penalties, such as the class action lawsuit that has been filed against Tampa General Hospital for “failing to protect the personal data of its patients”.  
Is my company really at risk?

While some may assume that only highly regulated industries or critical national infrastructure need to focus on ransomware protection, the truth is that any company can be vulnerable. This is particularly true in an era of increasing digitization of operations, the growth of remote work, and the widespread use of cloud storage. Traditional legacy data protection systems often aren’t prepared to effectively recover from a ransomware attack. Simultaneously, threat actors are growing more sophisticated, enticing new cyber talent, and continuously advancing their malware techniques. No company wants to find themselves the victim of a ransomware attack, but the risk spares no one.

What can we do to stay safe?

 Companies that navigate cyberattacks successfully are those with boards that have thought through and readied themselves for the entire attack lifecycle. This includes implementing essential controls to prevent an attack, efficient monitoring to promptly detect breaches, ensuring the integrity of data before it’s backed up, and reliable data backups for swift data recovery in case of encryption.  Immutable backups do not necessarily mean recoverable backups.   Elastio has designed its platform to help businesses stay prepared throughout every stage of a ransomware scenario by providing the necessary tools and solutions for protection, detection, response, and recovery.

How can we help you?  

Elastio has designed its platform to help businesses stay prepared and responsive throughout every stage of a ransomware scenario. Our behavioral analytics model deeply inspects your data for ransomware, malware, and corruptions. Crucially, our ongoing scanning of back-up data also ensures that our customers can safely recover from a ransomware attack with point-in-time restoration of applications and data to a known clean copy. ​​​This way, you get your business back up and running in minutes, instead of days. 

About Elastio

Elastio detects and precisely identifies ransomware in your data and assures rapid post-attack recovery. Our data resilience platform protects against cyber attacks when traditional cloud security measures fail. Elastio’s agentless deep file inspection continuously monitors business-critical data to identify threats and enable quick response to compromises and infected files. Elastio provides best-in-class application protection and recovery and delivers immediate time-to-value.