Ransomware is an insidious threat, impacting organizations, their employees, their customers and entire communities. Protecting the organization, and its data, against an attack requires the resources, experience and smarts of all stakeholders; working with a cloud service provider that prioritizes security can make a big difference.
Research indicates that more than one-third of organizations globally—representing both the private and public sectors—have experienced a ransomware attack, with organizations in the financial services and manufacturing sectors the most frequently attacked.1 Not only are ransomware incidents on the upswing, but so is the economic impact of those attacks, made even more dramatic by the fact that most organizations capitulate to attackers’ demands and pay the ransom to unlock and protect their data.
There are several key reasons why ransomware is on the rise. Remote work has increased the risk with decentralization, wider use of cloud services and personal devices outside of the control of a centralized IT security team, and too often, inadequate security hygiene in the office, at home and on the road.
These factors are driving organizations to dramatically step up their cybersecurity defense efforts, starting with the adoption of a zero trust methodology and including a dramatic expansion of their long-standing existing security controls. Organizations also must evaluate their current security controls and infrastructure, while also developing proper recovery safeguards and training users on good security practices.
Attackers Are Becoming Even More Aggressive
Of course, organizations in all geographies and industries are subject to a growing number of compliance mandates to protect private information, and industry standards such as CISA and NIST help fortify cyberdefenses. However, those should be considered starting points, not end goals, for a more secure defensive posture against ransomware and other cyber risks.
The undeniable fact is that cybercriminals aren’t playing by the rules—at least, not any rules except the ones they set. Hackers often collaborate as organized digital crime gangs, routinely sharing tips and tricks with one another on vulnerabilities and best practices in setting ransomware traps.
Organizations cannot get complacent. There are some important steps every organization can and should take:
- Be sure to understand and embrace your cloud partner’s shared responsibility model of cloud security. Cloud providers set up and secure the infrastructure, and it is up to the organization to implement the right security controls to protect data.
- Educate and train your end users on popular attack ploys, such as social engineering, email phishing and even software supply chain hacks.
- Consider putting backups both online and offline, and think about hosting them on different operating systems in case a malware exploit is platform-specific.
5 Cloud Security Trends for 2021 and Beyond
This paper explains the 5 security trends that are expected to have the greatest impact in the coming years, highlighting how Oracle can help address an organization’s security needs.
Download NowHow Oracle Helps Your Cloud Security Posture
Whether your primary security concern is ransomware, advanced persistent threats, zero-day attacks or something else, you’ll need to work with a cloud platform provider with both the technologies and the expertise necessary to spot, prevent and remediate the impact of security attacks. Oracle’s robust cloud infrastructure, based on third-generation Intel® Xeon® processors, is designed with numerous advanced security features already integrated into the hardware and software.
These security features include:
- Customer retention of control over named and privileged user authentication and access.
- Customer installation of monitoring agents and security controls of their choice.
- Network connections to Oracle databases protected by Oracle Advanced Security Network Encryption.
- Automatic logging of customer virtual machine access, available to the customer. Logs can be sent to other security information event management systems of their choice.
Organizations looking for the tightest security controls in their cloud-based infrastructure also have access to Oracle’s infrastructure security experts, who can recommend a number of best practices and workflow adaptations to better defend against ransomware attacks.
For more information on how to improve your organization’s security infrastructure against threats in a cloud environment, please click here.
1 “IDC Survey Finds Over a Third of Businesses Hit by Ransomware,” Solutions Review, Aug. 13, 2021
