In today’s alarming reality, adequate ransomware response and recovery programs should be embraced as crucial business enablers. Improvising when an organisation’s OT and critical operations are engulfed in a deadly firestorm is likely not the answer.
Ransomware attacks, which spread across the network and encrypt data, are soaring worldwide. Decryption of business data can be almost impossible amid today’s increasingly sophisticated ransomware attacks, during which attackers typically demand a ransom payment in bitcoins to release a key for data decryption. The organisation under attack must either pay to regain access to its data or hope to recover the data in some other way, such as via backup applications.
Effectively managing an attack is critical in order to address the initial impact on operations and costs, and to help minimise a recovery that may involve days or weeks of limited capabilities and interrupted customer services. Businesses need to prepare not only for an attack response but for rapid recovery — and this is particularly critical in the OT domain, where physical processes are typically involved. While many businesses are racing to enhance prevention and response programs, they also need appropriate recovery capabilities.
This article – The day after – explores how industrial organisations can recover, build resistance and achieve resilience after a cyber-attack to operational infrastructure.