2024 Gartner® Market Guide for Managed Detection and Response
2024 Gartner® Market Guide for Managed Detection and Response Get the Report
Combating Ransomware with MDR Services
Pondurance
November 1, 2021
Cybersecurity breaches have been headline news throughout the COVID-19 pandemic. Organizations experience increasing threats from cybercriminals across industries, including healthcare, banking and financial services, with ransomware at the forefront of these attacks. Executives are challenged with how to protect the data of customers and patients against such threats. More and more, using managed detection and response (MDR) services is the answer. But what is MDR and how can it help?
Lyndon Brown, Chief Strategy Officer, talks about ransomware and explains how MDR services can combat threats in The Security Ledger Spotlight podcast with host Paul Roberts. Lyndon discusses the challenges of ransomware, why organizations are adopting MDR and the need for talented cyber experts.
The challenges of ransomware
Ransomware is malware that allows cybercriminals to gain access to an organization’s data and block access to the data unless a ransom is paid, usually in the form of cryptocurrency. “Cybercriminals use ransomware because that’s where the money is”, says Lyndon. Using ransomware is a monetary strategy for them to get rich quick, and cryptocurrency as a payment is difficult to trace.
“It really only takes a few mistakes by an organization to be susceptible and vulnerable to an attack,” says Lyndon. “In fact, the large Colonial Pipeline attack was caused by a single compromised password.”
Enter the adoption of MDR
Early on, managed security service providers focused on device management kept behind a physical perimeter, such as a firewall or antivirus product, to stop a cyber threat. But today, with the cloud and widespread information sharing, MDR providers focus on the cybercriminal before they get to the door. MDR proactively performs detection and response capabilities by leveraging advanced techniques, such as artificial intelligence and machine learning, and performing threat hunting.
Lyndon discusses how a quality MDR provider should offer 360-degree visibility across an organization’s infrastructure to close gaps across endpoints, logs, networks and the cloud and should be able to manage response from end to end.
Humans are needed
Technology alone is not enough to solve cybersecurity issues. Organizations also need humans to detect and respond to complex security threats.
“There’s somebody at a keyboard somewhere in the world trying to figure out…how to gain access to an organization’s assets to either monetize them or further their nation-state goals,” says Lyndon. “As long as you have that, someone on the other [side], you need humans on this side.”
Many organizations are struggling to find cybersecurity talent, and when they do, the candidates demand competitive salaries. Lyndon discusses the importance of attracting, developing, retaining and advancing talented cybersecurity experts who have a depth and breadth of experience in industry verticals.
Cybercriminals have increased the number of threats to organizations across all industries, and ransomware is a favorite among bad actors.