Ransomware Preparedness Assessment & Testing

The Ransomware Problem

Ransomware is a type of malware, or malicious software, that is designed to deny you access to your files and systems using encryption. Once a bad actor gains a foothold and holds your files and systems "hostage," they will demand a ransom in exchange for a key that, in theory, will unlock them.

Bad actors are constantly trying to inject malware through phishing emails, vulnerability exploits, or misconfigured networks and systems. It only takes one wrong click to cause an extended interruption of operations, reputational harm, and data loss. Ransomware attacks continue to be one of the greatest threats to data security and business operations, and our Ransomware Preparedness Assessment was created to help you combat them.

Our Approach

Our Ransomware Preparedness Assessment is an in-depth review of how prepared your organization is to combat a ransomware attack. We accomplish this through documentation requests and interviews with key personnel to determine the implementation status of administrative and technical security controls. With this approach, we can determine your organization's preparedness at an administrative and operational level, provide a technical review of external network security measures, and test internal employees on ransomware-based security awareness.

Ransomware Preparedness Assessment

We've constructed a custom control framework using our experience in the industry and guidance from NIST, FFIEC, CISA, CIS, and more, and sorted the controls into three major categories: Prevention, Detection, and Response & Recovery.

We provide you with a list of controls we will be looking for, including any supporting documentation or recommended artifacts for you to gather for the assessment portion of the engagement. The analyst uses the submitted documentation and interviews to review each control, determine the implementation status, and make recommendations with ransomware as the focus.

Ransomware Preparedness Testing

Following the assessment portion of the engagement, the analyst performs external network scanning and testing to identify any vulnerabilities that could be exploited in a ransomware attack. Any existing vulnerabilities and the threats they pose will be included in the report, along with recommendations for improvement.

The analyst will also configure and send a simulated phishing campaign to a pre-determined list of employees. To make this test as realistic as possible, we will not request to be whitelisted in your email filtering capabilities, as we do in typical phishing engagements. Any users who fail the phishing test will be noted in the report. This is especially important since email phishing is the #1 way that organizations become infected with ransomware.

Other Services to Combat Ransomware

Our Ransomware Preparedness Assessment is a great way to determine how your organization would be able to respond to a ransomware attack. In addition to this, we also recommend services like these for a fully comprehensive preparedness program.
