Back to Blog

The Best Defense Against Ransomware

By Andy Mills

March 28, 2024

Get notified on new insights from Finosec now!

Be the first to know about new Finosec blogs to grow your knowledge of the cybersecurity governance industry today!

Beth Sumner, our VP of Customer Success, recently had the opportunity to discuss ransomware attacks and the importance of community bankers staying vigilant against these crimes in Independent Banker.  While the number of ransomware attacks continues to increase, so do the sums demanded by the attackers. In response to the escalating threats, the Conference of State Bank Supervisors updated their Ransomware Self-Assessment Tool (R-SAT 2.0), and our team at Finosec published a 3-part blog series on R-SAT v2.0 designed to help institutions mitigate ransomware risks and safeguard critical financial systems.

A July 2023 report by cybersecurity firm Sophos found that financial organizations recently paid an average of $1.6 million to their ransomware attackers to recover their data, a significant increase over the average of $272,655 in 2022. These criminals are going further than demanding money to decrypt company data—often using the stolen data to extort a company and its customers by threatening to release the data to the black market.

While these attacks continue to grow in complexity, there are commonalities in how hackers operate—with phishing and social engineering at the top of the list. Because of this, “cyber hygiene” is vitally important. With the use of strong and unique passwords, ensuring that multifactor authentication systems are standard practice, and managing to least privilege with standardized user access reviews at your institution, you can stay ahead of these attacks by safeguarding sensitive data and preventing unauthorized access to accounts.

More from Finosec

The Critical Link Between Third-Party Risk Management (TPRM) and Access Management

The Critical Link Between Third-Party Risk Management (TPRM) and Access Management

As highlighted in a recent article from the Federal Reserve, managing third-party relationships and the access associated with those relationships is a critical component of Third-Party Risk Management (TPRM). The associated access third party vendors have to banking systems is known as Access Management and is foundational for mitigating risks associated with third-party relationships. Access Management may be easy to overlook because it does not always reside with the same person or team as TPRM; making it difficult to provide critical oversight.

With increased regulatory focus, how should institutions be thinking of Access Management? Here are five steps your institution can take today to strengthen your third-party governance.

The Critical Foundation of Managing Access to Banking Systems

The Critical Foundation of Managing Access to Banking Systems

Managing access to banking systems has become increasingly complex as financial institutions navigate legacy reporting systems, API access, and cloud solutions. These challenges, along with the risks posed by unmanaged systems, emphasize the need for maintaining a...

Talk To An Expert Now
Talk To An Expert Now 770.268.2765