The BFSI industry gets proactive with its ransomware defense strategy

In its semi-annual risk report released a few days ago, the Office of the Comptroller of the Currency, the top US banking regulator, cautioned enterprises to ensure they have robust policies and systems to protect themselves from cyberattacks, saying it is seeing a significant increase in ransomware attacks. This worrying increase highlights the urgent need for enterprises to adopt preventive measures to proactively protect their networks from potential ransomware attacks.

Our latest Cybersecurity Pulse study shows that four out of five (81%) cybersecurity executives in the banking, financial services, and insurance (BFSI) industry consider ransomware attacks one of their top three cybersecurity concerns. And they are getting proactive with their defense strategies:

• Seventy-three percent (73%) of respondents are boosting threat intelligence capabilities and improving threat intelligence collaboration with private and public sectors as a matter of very high priority. This move clearly shows that the BFSI industry is going on the offensive against ransomware by moving from a reactive to a more proactive security mindset.
• Sixty-seven percent (67%) of respondents are increasing security controls to prevent lateral movement of threats within the network as a matter of very high priority. This type of security containment approach effectively limits the damage once breached, preventing attackers from moving laterally through the network in search of sensitive data and other high-value assets.
• All respondents are implementing, as a matter of high or very high priority, advanced protection measures to prevent ransomware attacks from invading backup data. Having robust backup mechanisms has always been the strategic solution for quickly recovering data and not paying a ransom. But recent attacks have shown that attackers have developed very ingenious approaches that also target backups during their ransomware attacks to drastically increase their chances of obtaining payment.

The Bottom Line: The defeatist argument of many enterprises to pay ransoms and bow to the whims of cyber crooks instead of doubling down on preventive measures is no longer an acceptable response for the BFSI industry.

The industry is adopting a dual strategy to fight ransomware. On the one hand, it is going on the offensive by increasing threat intelligence capabilities and developing advanced ransomware hunting processes to detect early warning signals of threats at the source. On the other hand, the industry is strengthening targeted protective measures to better protect data backups, contain the spread of attacks, and respond to incidents.