To truly secure your business from the growing threat of ransomware, you need a solution that closes the gap in the last mile of a predominant ‘defense in depth’ strategy, creating a genuine ‘last line of defense’.
With ransomware fast becoming one of the biggest global security threats, it is no surprise to learn that even in South Africa, the cost of such an attack is massive – statistics indicate that the average expense to remediate such an attack is in the region of R6.4 million.
With ransomware making cybersecurity more critical than ever, most companies have adopted a principle called ‘defense-in-depth’. This entails implementing firewalls, endpoint protection, application and API security, data protection, anti-phishing, Internet of Things (IoT) security, and potentially even kill switches.
Patrick Evans, CEO of SLVA Cybersecurity, explains that regardless of how complete such a strategy is, the fact remains that such an approach is only about 98% effective and simply cannot protect you all the time, especially given the human factor in the whole security fabric.
These types of attacks generally target file shares, which is why a last line of defense solution should augment a standard security implementation – one designed to stop malicious encryption on monitored file shares and file servers.
When one considers that a ransomware attack can easily encrypt up to 25,000 files per minute, the need for a solution like BullWall becomes obvious. It delivers a proven, 24/7 automated response, complementing existing security defenses and instantaneously detecting data anomalies and events.
Essentially, he indicates that a last line of defense like Bullwall does is listen to all the traffic on a company’s network, regardless of whether it is connected to the cloud or not. By leveraging artificial intelligence (AI) and machine learning (ML) techniques during its initial deployment, it can quickly learn what legitimate file encryption looks like in a specific environment. Armed with this knowledge, it can quickly tell whether any file encryption in the system is illegitimate.
BullWall can rapidly and easily contain a ransomware attack if it targets a business. The solution can also tell you exactly where the incident happened, so your security team can quickly determine Ground Zero.
In addition, should any encryption have occurred, the solution can quickly tell exactly which files were encrypted and where they are located, enabling the business to restore them in a fast and efficient manner. And on top of this, notes Evans, it can help your company remain on the right side of the law – in what is a highly regulated environment – by producing all the paperwork necessary for filing with the regulator.
Not only is this the ideal solution to eliminate that 2% security gap, but it is also one that is simple to deploy with a limited footprint and operating in a listen-only mode, and will provide that final line of defense that has become especially imperative in the post-pandemic world of remote or hybrid work environments, both for on-premises and cloud environments.
Considering that South Africa is one of the top five most targeted nations for ransomware in the world, implementing a last line of defense should be less of a ‘nice to have’ and much more of an ‘absolutely have to have’. BullWall is the answer to becoming more resilient and offers a way to ensure business continuity in the face of a growing barrage of ransomware attacks.
By Patrick Evans, CEO of SLVA Cybersecurity