Gartner Profile picture
We deliver actionable, objective insight that drives smarter decisions and stronger performance. Community guidelines: https://t.co/YoE73lYEBj

Jun 10, 2022, 15 tweets

Live from #GartnerSEC | #Ransomware Is Changing — Are You Ready? with Paul Furtado, Gartner VP Analyst.

About this session: Ransomware attacks have been morphing. Techniques used by the bad actors are changing. We will provide insight into the new tactics being used by...

... the bad actors not only to access your environment, but what they are doing with your #data once exfiltrated. We'll also provide current data on the financial impact of a #ransomware attack. #GartnerSEC

Follow this thread for key takeaways on #ransomware. 👇🧵 #GartnerSEC

"We say #ransomware is a risk, but I would say ransomware is the result of a failure in your #security stack." #GartnerSEC

To pay or not to pay? It's a business decision. #ransomware #GartnerSEC

How much would you have to pay? The average #ransomware payment for 4Q21: $211K, which does not include downtime costs. The average cost to rectify the impact of a #ransomware attack is $1.85M. #GartnerSEC

What happens when you do pay? #GartnerSEC #ransomware

How much of a threat is #ransomware, really? "2021 was the worst year for ransomware ever recorded. In North America, there was a 180% increase, and in Europe, a 234% increase." #GartnerSEC

How are we getting infected? #GartnerSEC #ransomware

What happens when you do get attacked? #ransomware #GartnerSEC

"The reality is there is no one sector that is exempt." #GartnerSEC #ransomware

How does #ransomware work? #GartnerSEC

4 common RaaS models:
- Monthly subscription for a flat fee
- Affiliate programs, a % of the profits going to the #ransomware developer
- One-time license fee with no profit sharing
- Pure profit sharing

#RaaS #GartnerSEC

4 stages of #ransomware extortion:
1. Encryption
2. Data exfiltration
3. Data mining
4. DDoS Attacks

#GartnerSEC #datamining

#Cybersecurity is an investment. #GartnerSEC

Gartner recommends following 3 best practices:

1⃣ Prepare: #ransomware playbook, TTX, articulate risk
2⃣ Detect & Contain: EDR, MDR, NDR, 24x7
3⃣ Recover: Immutable backups, #data protection, tested recovery

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling