A study from Telus revealed that 67 per cent of Canadian organizations surveyed reported some form of a ransom incident in the last year. Additionally, 63 per cent reported experiencing a multiple extortion attack, which is a typical ransomware attack combined with an extra threat—the victim must pay a ransom to regain access to their technology and data, and to keep that data from being exposed online.
During IT World Canada’s Top Women in Cyber Security event, panellists Maggie Calle, vice president of information security consulting at Dash Security and Risk, Octavia N. Howell, vice president and chief of information officer at Equifax Canada, and moderator Leita Ouellette, general manager for Telus Cybersecurity, spoke about fighting ransomware in Canada.
According to Calle, as cyber security attacks have increased, awareness of threats within organizations has spread beyond security teams.
“I have seen a huge increase in awareness of ransomware threats in many organizations,” Calle said. “Not just within the security teams, but also teams across the organizations such as the business, C-suite level executives, and the board of directors.”
She added that there has also been an increase in the number of activities that are conducted in organizations, such as seminars, workshops, and exercises to educate workers on cyber security and to test security procedures.
Howell echoed a similar sentiment, saying organizations have a new level of awareness and preparedness when it comes to cyber security.
The panellists also touched on what to do when it comes to paying the ransom in the event of a cyber attack.
Calle said that paying ransom, or not paying it, depends on an organization’s risk assessment.
“A risk assessment can reflect whether the organization’s security controls are weak… If there is no cyber insurance, then [it’s] very likely the risk assessment is going to point to writing a policy that states the organization has to pay ransom. There is no other choice. But that’s something that needs to be predefined and tested prior to an actual event,” she said.
Howell added that it’s important for an organization to actually know where its vulnerabilities and gaps are to be able to understand what needs to be improved.
“Instead of being prepared to pay a ransom or not pay a ransom, I believe we need to be prepared to make sure that we have… proper oversight in place to ensure we don’t get ransomed anyway,” she said.
Calle also touched on the biggest risks organizations should be concerned about at this time.
She said interconnection within organizations can be a huge issue. She noted that even certain outages can impact more than just the organization itself, and can affect external services due to interconnectivity.
“We can’t put our organizations within a bubble and disconnect from the rest of external third parties. Security now is about securing entire ecosystems, not just organizations,” Calle said.