The Royal United Services Institute (RUSI) is the world’s oldest and the UK’s leading defence and security think tank. They recently published an extremely interesting paper which you can read in full here: ‘The Scourge of Ransomware: Victim Insights on Harms to Individuals, Organisations and Society‘.
The paper sets out a framework for understanding ransomware and the layers of harm we often overlook. 🔍 Summary of Key Findings:
- Beyond Financial Loss: Ransomware harms extend far beyond the financial and include physical, psychological, reputational, and social impacts.
- Downstream: The paper introduces a nuanced framework for ransomware impacts – categorized into first-order, second-order, and third-order harms, based on an existing taxonomy of cyber harms. Downstream from a ransomware attack can be even more challenging than being at the epicentre, as access to information about the attack may be much more limited.
- Societal and National Security Impact: The effects of ransomware harms can significantly disrupt supply chains, erode public trust in services and law enforcement, and offer advantages to hostile countries that provide safe havens to cyber-criminals.
- Organisational Risk: For organisations of all sizes, ransomware not only poses financial risks but also threatens their very survival and reputation, especially those handling sensitive data or requiring operational integrity.
These findings convey the broad and deep impacts of ransomware and urge a more surgical approach to cybersecurity.
💡 Why It Matters: As ransomware and other attacks continue to evolve, understanding the levels of harm is crucial for developing effective interventions and strategies, and boosting the resilience or ‘immunity’ of our digital estates. To combat this widespread cyber-disease we need to follow a method……
The CSP Way
For several years, we’ve been following our unique approach to addressing ransomware and other malicious attacks across Australia, drawing inspiration from the history of medical science. Why medicine, you might ask?
Well, there are several compelling reasons why these seemingly distinct fields are more similar than you might think: here are just a few common features:
- Diagnosis and analysis: detecting vulnerabilities within the ecosystem and understanding how hackers or ‘digital germs’ exploit them.
- Treatment and remediation: after identifying a security issue a remediation effort might be required such as isolating a system, evicting the hacker, or implementing security updates.
- Ongoing check-up and maintenance: security is a journey, not a destination, and requires continuous monitoring, updates, and adjustments. Depending on your unique organization or ‘cohort’, the effort and controls will also vary.
Equally, there are many things we can learn from medicine about how not to practice cybersecurity.
First, do no harm – Hippocrates
This principle of ‘first do no harm’, is an oath that every doctor today has to swear to uphold, but was commonly overlooked throughout much of medical history.
Consider bloodletting, a widespread yet wholly ineffective practice that was meant to remove an illness by draining the patient of several litres of blood. It’s a fact, that seeing a doctor throughout most of human history significantly lowered your chances of survival rather than increasing them.
The Latin term ‘iatrogenic’ is a concept that conveys a fundamental truth: every intervention carries potential risks. Thus, unnecessary interventions should be avoided and the costs and benefits of all others carefully weighed up. Greater observation and commitment to ‘first, do no harm’ Is the moral of the story, and a lesson we consider before recommending any cybersecurity controls or initiatives.
Fortune favors the prepared mind – Louis Pasteur
This saying became particularly relevant after the advancements following the germ theory of disease, which more accurately explained how illnesses spread and developed by microbes. This seismic shift in our understanding of medical causes underscored the importance of experimentation and humility, revealing how the medical community, especially those who practiced bloodletting, had been overly confident and extremely unobservant.
This realization highlights the value of acknowledging our limitations and the potential for error. Embedded in our culture at CSP Global are the principles of humility, preparation, and greater observation. We only recommend interventions and controls that make sense to your organization. Plus, we routinely pilot changes against a small sample size to ensure we do not cause unnecessary harm to the health of your operations and productivity.
By continuously seeking feedback and looking for errors, we inform our future strategies and processes, thereby avoiding the traps of being overzealous about one particular procedure. With this knowledge in mind, we established our guiding pillars for bolstering an organization’s immunity against cyber disease:
💰 Eliminate: Complexity and disparate solutions can make attacks harder to detect and add unnecessary inefficiencies. Bringing your capabilities under one roof with Microsoft XDR (protecting every assets i.e devices, apps, emails, servers, and data), and eliminating patchwork solutions, can increase cost savings by up to 60%
🎯 Simplify: Complexity is the enemy of effective cybersecurity. We are dedicated to simplifying the security landscape for our clients, cutting through the jargon, and delivering solutions that enable you to do more with less.
🔍 Protect: Your digital workers are at the heart of everything we do. Our robust and tailored solutions are designed to safeguard your assets and sensitive data against evolving cyber threats. We vastly expand what is detected within an organization and deliver specific playbooks for how to respond, providing you with far greater peace of mind.
If you want to find out how we can apply this method to the lifeblood of your organization, please reach out to us here and book a free cyber-health consultation. 😃