March 8, 2023 – Ransomware is so prevalent in malware attacks that there is no practical distinction between the two terms. Ransomware is of great concern because it attacks the security triad broadly, originally impacting availability, then confidentiality, and, increasingly, integrity. Compound the broad impact with financial aspects, of which any payment is a subset, and multiply the pain by reputational risk, and ransomware will be a topic of conversation for a while.

This brief provides a pragmatic summary of the minimum organizational actions that companies need to have already taken before a ransomware attack. It goes beyond the investments that serve as technical defenses, which are absolutely required, by layering on organizational actions for the CISO, CIO, and other risk executives to ensure the organization is as prepared as the technical infrastructure.

Clients of Aite-Novarica Group’s Cybersecurity; Life, Annuities, & Benefits; and Property & Casualty service can download this report.