Ransomware: Harden the Humans, Not Just the Infrastructure

Report Summary

Ransomware: Harden the Humans, Not Just the Infrastructure

In addition to adopting technical defenses, organizations must take nontechnical actions to harden the overall organization.

John Keddy
Senior Principal

March 8, 2023 – Ransomware is so prevalent in malware attacks that there is no practical distinction between the two terms. Ransomware is of great concern because it attacks the security triad broadly, originally impacting availability, then confidentiality, and, increasingly, integrity. Compound the broad impact with financial aspects, of which any payment is a subset, and multiply the pain by reputational risk, and ransomware will be a topic of conversation for a while.

This brief provides a pragmatic summary of the minimum organizational actions that companies need to have already taken before a ransomware attack. It goes beyond the investments that serve as technical defenses, which are absolutely required, by layering on organizational actions for the CISO, CIO, and other risk executives to ensure the organization is as prepared as the technical infrastructure.

Clients of Aite-Novarica Group’s Cybersecurity; Life, Annuities, & Benefits; and Property & Casualty service can download this report.

How can we help?

If you have a question specific to your industry, speak with an expert.  Call us today to learn about the benefits of becoming a client.

Talk to an Expert

Receive email updates relevant to you.  Subscribe to entire practices or to selected topics within

Get Email Updates