The Colonial Pipeline Ransomware: Know Where Your Key Data Lives, Decrease Your Threat Footprint
The Colonial Pipeline Ransomware: Know Where Your Key Data Lives, Decrease Your Threat Footprint
The Colonial Pipeline ransomware attack was the largest in the energy sector to date.
With cybercrimes up 100% from 2019 to 2020, this is only the beginning for 2021.
Many organizations are taking on digital transformation by moving to the cloud and creating a more connected world. The problem is that connectivity has also created an opening for cyber criminals to compromise these systems and demand ransomware payments.
To Pay or Not to Pay
While the US Department of the Treasury has deemed paying ransomware a violation of OFAC regulations, ransoms like the Colonial Pipeline attack put an organization in a very difficult dilemma. By not paying, you could be doing more damage (e.g., rising gas prices) to your organization long term.
For example, the City of Baltimore was hacked in May of 2019 and decided not to pay the ransom of 13 bitcoins, which at the time equated to roughly $91,000. It was a noble move, but not a financially successful one, as Baltimore ended up spending more than $18 million on recovery.
Containing a Breach
IBM states the average time to identify and contain a breach is 280 days, and the average breach costs $4 million. This says two things:
1) Organizations must find ways to become more resilient and responsive, and
2) You can limit your threat profile by minimizing your data footprint. Eighty percent of most organizations’ data is redundant, obsolete, or trivial (ROT), meaning it has no business, legal, or regulatory value.
Introspec, a software from TransPerfect Legal Solutions (TLS), eliminates ROT, identifies PII (personal identifiable information) and PHI (protected health information), and reduces your data footprint by 50%.
By decreasing your threat footprint, you not only eliminate the effects of a breach, but you’re also able to put risk mitigation and remediation strategies in place that protect you.
In the Colonial Pipeline attack, for example, the attackers downloaded 100 gigabytes of corporate data and then encrypted the original data on the network. Let’s take the average cost per corporate record at $150 and a total record count at 26,000. If this data had been identified, remediated, and encrypted beforehand using Introspec, adjusting the count by 50% to 13,000 records, the total cost savings would’ve been close to $2 million.
However, no risk mitigation plan can come to fruition without having the support from key stakeholders and a collaboration of department heads within legal, IT, compliance and governance.
Stopping the Ripple Effect
Breaches like the Colonial Pipeline attack can have a ripple effect that not only affects the bottom line, but it can also find itself within future litigation and compliance issues.
As we have seen in the recent upheld $1.4B class action settlement from the Equifax data beach of 2017, the effect of one incident could be felt for years to come.
Introspec does not only reduce your footprint; it is a full governance, risk, and compliance technology. It uses AI-powered technology and machine learning algorithms to find locations within your data silos that contain sensitive information. It then moves that data dictated by your security team who handles sensitive information and provides data access rights for further management.
For more information on Introspec from TLS, please visit our website or get in touch with our expert information governance team.