Resilient, an IBM company helps organizations respond to and manage ransomware
Via IBM Press Center
Dec 14, 2016
CAMBRIDGE, MA - 14 Dec 2016: Resilient, an IBM (NYSE: IBM) company today released the industry’s first Dynamic Playbook for ransomware, aimed at helping organizations globally respond effectively to this growing type of cyberattack. Dynamic Playbooks, the latest innovation to Resilient’s Incident Response Platform, automate and orchestrate, in real-time, the variety of actions organizations need to take in response to cyberattacks.
According to a new IBM study, seven out of 10 U.S. businesses surveyed infected with ransomware have paid to resolve a ransomware attack, with more than half paying more than $10,000. To help organizations respond rapidly and strategically to this type of threat and many other types of threats, Resilient’s new Dynamic Playbooks are an industry first in the incident response management market. Resilient’s Dynamic Playbooks provide an unmatched orchestration of incident response by adapting in real-time to the details of a cyberattack or other business threat, and enabling effective, rapid response to more sophisticated threat types.
“Fast-moving, sophisticated threats like ransomware require new and actively adaptive response methods. Resilient’s Dynamic Playbooks set another new standard for agility, intelligence, and sophistication in the battle to respond to and recover from today’s complex cyber threats,” said John Bruce, CEO and Co-Founder of Resilient, an IBM Company. “Ransomware is just one example of the cyberattacks facing companies today, but its growing rate of prevalence is threatening businesses like never before. This technology arms companies with a response approach that manages the intensity of the problem.”
Resilient’s Dynamic Playbooks share several critical and differentiating attributes:
Agile: Resilient’s Dynamic Playbooks continually react to changes by leveraging rules and scripts that implement business logic and enriching incidents as they progress.
Intelligent: By leveraging information from other connected systems, Dynamic Playbooks make rules-based decisions to take actions – such as increasing priority or involving other parts of the organization, such as legal. By the time an analyst opens an incident, many repetitive, initial triage steps have already been completed.
- Sophisticated: Dynamic Playbooks keep business rules separate from workflows, eliminating the need for a proliferation of static playbooks with only slight variations, and keeping management overhead to a minimum.
As an example of how this works, consider a spear-phishing attack on a work laptop used by a senior executive. Before an analyst in the security operations center even sees the incident, rules and conditions associated with the Dynamic Playbook have used information from connected systems to determine that the user is an executive, automatically escalated the alert to tier-2 analysts, raised the official severity code for the incident, and notified the company’s legal team.
In addition, Resilient’s Dynamic Playbooks support integrations with more than 100 other systems that may be present in a typical security environment, providing Resilient clients with a seamless, centralized incident response hub. Built for security leaders by security leaders, Resilient’s Incident Response Platform processes more than 1 million incidents a day.
The State of Cyber Resilience in 2016
The state of Cyber Resilience among U.S. businesses has not improved in the past year. According to the Ponemon Institute 2016 State of Cyber Resilience study sponsored by Resilient, only 32 percent of IT and security professionals say their organization has a high level of Cyber Resilience – down slightly from 35 percent in 2015. Seven out of 10 spend the same or more time dealing with a cyber incident than a year ago, and more than half say their leaders don’t recognize the link between cyber resilience and revenues or brand reputation. At the same time, what has increased over the past year is the average cost of a data breach -- now estimated at $4 million per incident.
The greatest barriers to Cyber Resilience among U.S. organizations are:
- Insufficient planning and preparedness
- Complexity of business processes
- Insufficient risk awareness, analysis and assessments
- Complexity of IT processes
- Silos and turf issues
To download the 2016 Cyber Resilient Organization study, visit http://info.resilientsystems.com/ponemon-institute-study-the-2016-cyber-resilient-organization.