Back to Blog

The Best Defense Against Ransomware

By Andy Mills

March 28, 2024

Get notified on new insights from Finosec now!

Be the first to know about new Finosec blogs to grow your knowledge of the cybersecurity governance industry today!

Beth Sumner, our VP of Customer Success, recently had the opportunity to discuss ransomware attacks and the importance of community bankers staying vigilant against these crimes in Independent Banker.  While the number of ransomware attacks continues to increase, so do the sums demanded by the attackers. In response to the escalating threats, the Conference of State Bank Supervisors updated their Ransomware Self-Assessment Tool (R-SAT 2.0), and our team at Finosec published a 3-part blog series on R-SAT v2.0 designed to help institutions mitigate ransomware risks and safeguard critical financial systems.

A July 2023 report by cybersecurity firm Sophos found that financial organizations recently paid an average of $1.6 million to their ransomware attackers to recover their data, a significant increase over the average of $272,655 in 2022. These criminals are going further than demanding money to decrypt company data—often using the stolen data to extort a company and its customers by threatening to release the data to the black market.

While these attacks continue to grow in complexity, there are commonalities in how hackers operate—with phishing and social engineering at the top of the list. Because of this, “cyber hygiene” is vitally important. With the use of strong and unique passwords, ensuring that multifactor authentication systems are standard practice, and managing to least privilege with standardized user access reviews at your institution, you can stay ahead of these attacks by safeguarding sensitive data and preventing unauthorized access to accounts.

More from Finosec

Integrating FFIEC Authentication Guidance: A Blueprint for Your Next Exam With Insights from Recent Regulatory Actions

Integrating FFIEC Authentication Guidance: A Blueprint for Your Next Exam With Insights from Recent Regulatory Actions

The Federal Financial Institutions Examination Council (FFIEC) Authentication Guidance update in August 2021 has marked a significant step towards enhancing authentication and security access measures within financial institutions. This update expanded upon previous handbooks from 2005 and 2011, emphasizing a broader scope that now includes employees, third-party vendors, and system-to-system communications via APIs.

Succession Planning: Essential for Sustaining Information Security

Succession Planning: Essential for Sustaining Information Security

In today’s world where cyber threats evolve rapidly, the challenge of replacing an Information Security Officer (ISO) underscores a critical issue: the cybersecurity job market is scorching, yet talent is scarce. This gap has turned recruitment into a high-stakes game for financial institutions, where the departure of an ISO exposes vulnerabilities and regulatory risks. With remote work expanding the competition for skilled professionals, the importance of strategic succession planning has never been more acute, ensuring that institutions remain fortified even in the face of staffing changes.

Partnering for Peace of Mind and Effective Oversight

Partnering for Peace of Mind and Effective Oversight

Pendleton Community Bank, a $700 Million Dollar Bank with 133 Employees in Franklin, WV, led by CEO Bill Loving, faced a critical challenge when their Information Security Officer departed, leaving a significant void in their oversight capabilities. Their goal was clear: establish an effective process for information security governance and cybersecurity oversight to ensure compliance and peace of mind.

Talk To An Expert Now
Talk To An Expert Now 770.268.2765