Enterprises are accelerating their adoption of digitalization and agile methodologies, dramatically changing their risk profiles. According to Gartner, many organizations continue to add layers of defence, which in turn increases the complexity of defending against the continued onslaught of more and more advanced attacks.

The 2022 State of the Threat from Secureworks noted that in 2022, ransomware, loaders, stealers, zero-day exploits and cyberwarfare and espionage just kept coming. What is just as troubling is that threat actors are growing in skill and stealth.

In this PodChats for FutureCISO, we are joined by Alex Tilley, head of intelligence research for Asia-Pacific at Secureworks, to talk to us about business and CISO preparedness considerations for ransomware attacks.

1.       What are the highlights of this year’s 2022 State of the Threat report? In particular, what has changed significantly from the previous year?

2.       Specific to Asia-Pacific, what are business leaders and CISOs getting right and wrong when it comes to cybersecurity preparedness?

3.       Specific to ransomware, at the operational level, how big of a problem is ransomware for the CISO? In the cases where an organisation has a CISO and experiences a successful ransomware attack, is the CISO typically asked to explain what happened, why it continues to happen, and what to do next?

4.       There is growing legislation in some countries to advise organisations not to pay for ransomware. What is your view on this? 

5.       As we come out of the shadow of the pandemic, how does a CISO help prepare the organisation against ransomware?