Named a Visionary in Gartner Magic Quadrant for Secure Web Gateways (SWG)
Our platform invisibly protects users wherever they go online. So threats are history and the alert storm is over.
Traditional network security wasn’t built to address today’s complex enterprise environments. SASE fixes that problem.
Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise. The collective is made up of elite security researchers that put a spotlight on the threats you know and don’t know about.
Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise.
Share this article
An attack every 11 seconds. A $200,000 average ransom demand. A total of $20 billion in damages worldwide. Two-thirds of enterprise security executives identify ransomware as their top security concern. A $10 million presidential reward.
Ransomware continues to ravage global businesses, government agencies, and everyday citizens of the world. Yet organizations continue to rely on the same tired, outdated, and frankly, archaic cybersecurity measures to try to stop this evolving threat.
This begs the question: If ransomware is known to be so destructive, why haven’t organizations evolved their security strategies to stop ransomware in its tracks?
Unfortunately, it all comes down to money and how companies assess risk in today’s hypercompetitive marketplace. When a company is breached, its leadership typically has two options. They can hire a cybersecurity firm to try to recover their data and take back control of their systems—a disruptive process that could take weeks or months. Or they can simply pay the ransom—often a fraction of the cost of remediation. Most organizations take the second option, handing over whatever amount the attackers request, filing an insurance claim, and chalking the entire incident up to the cost of doing business today.
The long-term effects of a ransomware attack on today’s businesses can be devastating. Consumers have nearly unlimited options for where to spend their money, and brand equity and customer experience are often their top criteria. Any organization that is willing to disrupt their customers’ experience or put their personal data at risk is playing with fire. Given increasing competition and shrinking margins, companies need to eke out as much revenue over the lifecycle of each customer as they can, forcing companies to focus on retention over acquisition. This requires brand loyalty—something that can be lost in an instant if customer data is compromised. No amount of insurance can protect your brand equity in the aftermath of a public relations disaster.
The evolving natures of ransomware syndicates and ransomware as a service are also raising the stakes. It used to be that attackers would hijack your systems and then relinquish control once the ransom was paid. However, today’s increasingly sophisticated threat actors are using that control to exfiltrate your data as an additional inducement. In addition to downtime and a hit on your reputation, you now have to worry about sensitive information going public and getting into the hands of your competitors or being sold on the black market. How do you put a price on that?
Prevention vs. Detection
It’s clear that the only way to protect your organization from these criminals is to prevent the attacks from happening in the first place. The problem is that traditional detect-and-remediate approaches to cybersecurity are inherently flawed. The moment a ransomware attack is detected, it’s too late. Your systems have been compromised, the attackers already have what they need, and no amount of remediation is going to turn back the clock to unwind the damage. You’re cooked.
Organizations need to take a proactive approach to stopping ransomware attacks before they infect systems. This requires adopting a Zero Trust cybersecurity strategy that’s powered by isolation. The concept of Zero Trust assumes that all traffic—inbound and outbound—is inherently bad. Instead of making an allow-or-block decision at the point of click, organizations can block known threats and isolate everything else in a remote browser in the cloud. Moving the fetch-and-execute commands off the endpoint acts as a fail-safe technique that cuts off access to users’ devices—preventing ransomware from getting a foothold in the network.
To bolster your knowledge of the topic, download Gartner’s latest report that highlights how you can proactively protect your organization from ransomware attacks, and be sure to view our infographic that showcases responses from a recent global Twitter poll on ransomware.
Eric Schwake on Aug 17, 2021
To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.