“Ransomware can be introduced into your environment in many ways.  If we assume that ransomware can get into your environment – an assumption you should default to – then implicit trust is no longer an option,” says Datacom Director, Connectivity & Security, Matthew Evetts. “You have to take a Zero Trust approach and question every actor and action. 

With ransomware attacks constantly evolving he says endpoint protection, particularly of staff devices and servers, is an essential line of defence and a critical part of a Zero Trust approach. 

“Protection and monitoring across an organisation’s whole ecosystem are often lacking. Attackers and the ransomware packages they deploy are specifically looking for the unprotected parts – the gaps in your defence.”  

Matthew Evetts shares a range of ransomware insights and observations in the ebook “Fighting ransomware requires a Zero Trust approach”, developed by Datacom with cybersecurity software partner Check Point. 

The ebook also outlines ten reasons a Zero Trust cybersecurity approach is effective in combating ransomware attacks, including the fact it promotes network micro-segmentation, where the network is divided into smaller segments with strict access controls. 

Infographic detailing basics of Zero Trust

One of the foundational principles of Zero Trust is the ‘Principle of least privilege’ which, as the ebook explains, limits the damage cause by cyber breaches and attacks: 

Zero Trust operates on the principle of least privilege, which means that users and systems are granted only the minimum level of access required to perform their tasks. This approach limits the lateral movement of ransomware within a network. Even if a user’s credentials are compromised, the attacker’s ability to move laterally and access critical systems is restricted.

Key takeaways from Check Point’s latest cybersecurity report are also captured in the ebook, including the trend towards ‘Ransomware-as-a-Service’ or RaaS models where bad actors initiate attacks on behalf of other entities and take a cut of ransom payments as a fee for service. 

Analysis of all of cases handled by Check Point Incident Response Team (CPIRT) shows that ransomware continues to be one of the most significant threats facing organisations, ahead of other common threats such as phishing and email and single server compromises. 

“The prevalence of ransomware attacks and the scale of the damage they can do to large and small businesses alike, requires a more comprehensive approach to cybersecurity.” 

Download the full ebook: “Fighting ransomware requires a Zero Trust approach.” 

Related industries
Technology
Related solutions
Security Advisory & consulting