Dennis Underwood
Published on
July 15, 2022

Why Ransomware Defense Efficiency Is So Important: Part 1

A large portion of cybersecurity is about balancing business efficiency and protection. A competition exists on your IT equipment as well, for computer resources like memory, between programs protecting your business, and business operations programs. Let's explore this, and also start looking at why efficiency of ransomware-specific tools (or tools claiming to be) is absolutely so important.

Cyber Crucible helps clients protect themselves from ransomware attacks, and recover from ransomware attacks when they didn’t already have our prevention and automated response in place. We are constantly evolving our capabilities, from internal testing, threat intelligence feeds, and customer operations, to provide the best ransomware protection available.

The team, in research and development for the most effective automated defense, discovered the importance of highly efficient endpoint protection for ransomware. Let’s go over some of the reasons why you should be asking what the efficiency of any ransomware protection is. We recommend you test their solutions as well!

How Much Room Is Being Left On Your Computer For Actually Doing Business?

Effective ransomware protection, which Ransomware Rewind focuses on, requires a variety of tailored technologies that tool designed for other risks don’t manage well. It is also a newer risk that has probability not been a part of your risk management strategies in the past. (It is great you are reading blogs like this to educate yourself!)

Your organization likely has, and should have, tools in place to help manage various other risks such as email security, user security, group management, and anti-malware. Just like you have overhead costs for your business, from staplers to fire sprinklers to insurance, your computing equipment has a certain amount of overhead resources devoted to these risk management tools.

No alt text provided for this image

Of course, since cybersecurity is not as well-regulated as some other industries in our society, you should be correctly suspicious of tools and technologies that overnight claim ransomware risk management. There just isn’t the same level of enforcement like with FDA for medicine, or DoT for bridge safety.

No alt text provided for this image

Since ransomware is a relatively new risk, requiring new technologies, that means that you are going to be “stacking” ransomware protection on your systems, with other technologies for other risks. That means you are adding one more overhead program to your IT equipment, that takes up resources like CPU, memory, and network bandwidth.

For any protection, you should hold vendors to task for their resource consumption.

Your employees need the company to purchase equipment to stay safe while servicing customers, while impacting their productivity in the least manner possible. The same is true for computing resources.

Yes, we are asking you to allocate more resources to risk management, resources which are unavailable for business activities. Resources which, to be honest, do not earn you revenue like a new sales application might give you. However, FEMA statistics, and additional studies, have demonstrated that data-loss attacks (like ransomware attacks) have similar effects to business survivability and profitability as a major fire.

No alt text provided for this image

Actually, we can take that analogy further, while we are on the subject. Fires affected just under 2% of commercial buildings, but around 50% of businesses were hit by some type of ransomware. The Cyber Crucible sales team investigated using vehicle collisions that involved airbag deployment, of which good numbers are available via state Department of Transportation reporting. Even less drivers, 0.5%, experience first-person airbag protection!

So, we need ransomware specific protection, and we should expect it to be around as much interruption to our day as fire extinguishers or sprinklers. That also means the protection cannot detract from normal business, or consume a lot of time or resources.

We can take that one step further. When we first started tracking ransomware attack volume, airbag deployment during vehicle collisions in Pennsylvania. There were 47,100 deployments out of around 9 million drivers, or 0.5% of drivers experiencing an airbag deployment. That number was quickly eclipsed by ransomware attacks. Then we moved to an analogy comparing ransomware attacks to fires, but there 104,000 commercial building fires out of a total 1.34 million fires last year.

With over 40% of healthcare organizations, and over 50% of businesses in general are reporting ransomware attacks, there honestly aren't any other significant risks to business that come even close to that probability.

So, you need to manage the risk to your business, yet you also don't want to divert even more IT resources away from your users and business applications.

No alt text provided for this image

The Cyber Crucible team don’t have the resources to tackle *all* of your risk management problems, as much as we wish we could. We can make sure our ransomware protection takes up the least resources possible, though, knowing you already have other risk management technologies in place.

I’m proud to report that Cyber Crucible’s Ransomware Rewind prevention operates at incredibly efficient resource consumption. Customers routinely experience between 0% and 1% resource consumption by Ransomware Ransomware. Compare that to what else is installed on your desktops and servers!

In Review

  • You need ransomware specific protection.
  • Measure your ransomware vendors’ resource consumption during due diligence.  
  • You should expect minor or negligible resource usage like Ransomware Rewind, in addition to your ransomware protection capability expectations.
About the author
Dennis Underwood

Dennis Underwood is a veteran, cybersecurity leader, inventor, and entrepreneur with over 20 years of experience. He is an expert at cryptography, intrusion discovery and analysis, having discovered multiple previously unreported intrusions to clients throughout his career. Currently, he is leading a team of like-minded experts delivering next generation intrusion discovery and ransomware response automation tools to consumers.

Start a free trial today

Sign up for Cyber Crucible today to protect your system against ransomware extortion.

Create an account