Ransomware Attack Mitigation Strategies

Organizations around the world face cybersecurity risks, including ransomware attacks. These attacks pose serious threats to business operations; in 2021, the average mitigation cost of a ransomware attack was $1.85 million, with organizations experiencing an average of 21 days of downtime following an attack.

In an article for GRC Outlook, Barry Coatesworth, director at Guidehouse, discusses ransomware attack mitigation strategies. Some organizations choose to pay the ransom to expedite the recovery time, mitigate damage to business, protect customer or employee data, and lower recovery costs. Paying the ransom theoretically leads to the recovery of stolen data, but this does not guarantee that all data will be restored.

"Some experts say that 80% recovery is the best you can hope for," said Coatesworth. "And if the encryption keys work, there’s still a lot of work to be done. Data recovery can take weeks, especially if most of it is encrypted."

The article also discusses what can happen if an organization does not pay the ransom, as a robust data backup system may put an organization in a better position to rebuild the environment.

"Organizations cannot prevent every possible ransomware attack," explained Coatesworth. "The best thing you can do is assume you will be hit and have plans in place that enable a quick response."