The safeguarding of digital assets is an ongoing, uphill battle. This fight is made harder still by the gaps in cyber resilience policies and the alarming lack of confidence in ransomware recovery. The need for boosted recovery confidence underscores the importance of addressing these challenges to fortify organisations against the rising tide of cyberthreats.
The Australian Signals Directorate (ASD) noted in its ASD Cyber Threat Report 2022-2023 that nearly 94,000 cybersecurity incidents were reported to law enforcement through ReportCyber in the 2022-2023 fiscal year, an increase of 23 per cent compared to the previous year. To put that number in context, that’s approximately one report every six minutes. The ASD also reported that the average cost of cybercrime per report rose 14 per cent. Add to that the global estimate that a ransomware attack is attempted every 11 seconds, and the picture painted is a terrifying one.
Thankfully, this has spurred increased discussions about the need for methods of preparing for and preventing cyberattacks. However, as John Chambers, former CEO of Cisco, succinctly put it, “There are two types of companies: those who have been hacked, and those who don’t yet know they have been hacked.” It’s time for the spotlight to also shine on recovery.
A recent study on cyber resilience in Australia and New Zealand indicated that a staggering 24 per cent of respondents said either that their organisations lack a cyber resilience policy or that they are unaware of its existence. This kind of policy implementation gap has a detrimental impact on the overall confidence of staff, stakeholders, and customers.
Despite this worrying gap, there is a silver lining. According to the same study, 73 per cent of organisations can return to normal within 24 hours following a breach. This ability is closely tied to having a well-structured recovery plan. The correlation between swift recovery and meticulous planning is further accentuated by the fact that 90 per cent of organisations with a recovery plan have conducted recovery testing within the last 12 months. Having a plan is only beneficial if its efficacy is actively tested through regular assessments.
A Crisis of Confidence
The cyber resilience study paints a grim picture of ransomware recovery, with only 40 per cent of organisations expressing high confidence in their ability to recover without succumbing to ransom demands. This is reflected in the 10 per cent of organisations that admitted they have paid a ransom at some point.
Clearly, there is an urgent need to reassess, or in some cases develop, ransomware recovery strategies. This requires a collective shift in mindset towards resilience and preparedness. Organisations must embrace advanced technologies as a means of boosting recovery confidence. Additionally, ongoing employee training is crucial for enhancing cybersecurity awareness and cultivating a confident workforce.
The Role of Education
Delving into the realm of cybersecurity education, it is evident that educated employees play a pivotal role in recognising and mitigating cyberthreats. Employees, when equipped with the right knowledge, become the first line of defence. This necessitates continuous investments in cybersecurity training programs within organisations to ensure employees are well-versed in the evolving threat landscape. This can simply mean being able to identify potential phishing emails or knowing not to click suspicious links.
Back Up the Backups
Another crucial recovery step is ensuring the continued functioning of backup and recovery systems to protect against data loss. In parallel with educating employees, organisations should schedule data backups at fixed intervals to make sure the most recent environments and data are safe.
Having a vague recovery plan is not enough; it must be comprehensive, covering technologies, communication, stakeholders, and laws. Organisations must ensure that their recovery plans evolve alongside the threat landscape, stressing the need for regular updates and testing. This holistic approach is vital for effective post-breach recovery.
The call to action is clear: organisations must invest in cybersecurity measures for protection, detection, and recovery; implement robust cybersecurity policies; and educate employees to foster a culture of resilience. Only through collective effort and strategic investments can organisations move forward with the confidence needed to safeguard their digital future.