[BreachExchange] CISO concern grows as ransomware plague hits close to home

[Destry Winant]

https://www.zdnet.com/article/ciso-concern-grows-as-ransomware-plague-hits-close-to-home/

Garmin is currently wrestling with a ransomware-induced outage, and
locally in Australia, 2020 has seen ransomware take out major
companies and threaten beer supplies when it hit logistics giant Toll
and beverage company Lion. Toll has only recently recovered from its
second dose of the year.

These sorts of attacks are starting to ring alarm bells, with APAC
CISO of JLL Mark Smink telling ZDNet on Tuesday the ransomware plague
has evolved a long way from where it was four or five years ago.

"[It] does concern me significantly that Fortune 500 companies are
actively being targeted and they are looking for as much damages as
they possibly can," he said.

"It is alarming how close to home these incidents are actually occurring."

One way to push back, according to Smink, is to have a coordinated
approach between technology, people, and processes.

Going a step further, Cisco Australia cybersecurity director Steve
Moros said the industry itself needed to evolve as well as a siloed
approach to defence against ransomware is no longer effective.

Moving Forward to Zero Trust Security

"Zero Trust", a powerful principle in which every user/machine/server
is not trusted until proven so. With growing corporate breaches,
network architecture will no longer provide the security support it
once did. Read this whitepaper to learn how to transition your
architecture to Zero Trust.

White Papers provided by Akamai Technologies

"I don't think [ransomware] can be stopped in terms of people growing
the sophistication and techniques, and the persistence of these types
of attacks, so I think that will stay. If we look at history, it's
going to continue to evolve," he told ZDNet.

"The security industry must evolve, and if we look at security
solutions, they need to work as a team and that means that they
communicate in real time and learn from each other and then they have
a coordinated response to these attacks.

"It's the coordinated sharing of context and the integrated approach
that will help minimise the impact."

Last week, an industry advisory panel report, which will feed into the
federal government's upcoming 2020 Cyber Security Strategy,
recommended that large businesses receive incentives to support
smaller businesses in their supply chain and client base.

For Moros, that boils down to the sharing of information.

"If you put that into perspective from an economic standpoint, a
smaller organisation that does business with a larger organisation is
the weakest link because it's a trusted connection that can be
compromised to attack a larger organisation," he said.

"[It] used to be seen as a competitive advantage to kind of have
stopped an attack and not share that information. But I think now when
you look at supply chain hacking and different types of techniques,
it's beneficial that an organisation will help share best practice and
information on threats that are traversing their sector, or segment,
or organisation."

When talking with smaller organisations, Smink said it was best not to
overcomplicate what is expected from third parties.

"We want to make sure that that we have a clear path of communication
to share an intelligence, but also making sure that we have clear and
concise objectives on how we expect them to run a secure operation,"
he said.

"That's why we have been focusing on actually trying to simplify that
engagement to make it accessible for smaller partners."