The threat of ransomware attacks increasingly involves more than data or networks being held hostage. Often, bad actors linger, infiltrating networks to strike again later.
That leaves the onus on security teams to respond to the initial attack, but also identify what other systems may be compromised, said Diana Kelley, co-founder and partner at SecurityCurve, during a fireside chat with SC Media Editor in Chief Jill Aitoro.
“They're trying very hard to persist within organizations and to keep quiet” until their ready to monetize, Kelley said. “So you want to make sure you looked everywhere within your network and within your connected network to ensure that you've really gotten them out of the system.”
The corporate world is starting to pay more attention to segmentation as part of what Kelley described as "a foundation of zero trust," dividing networks into smaller parts, which improves both performance and security.
That said, as critical as segmentation can be to prevent lateral movement within the network, Kelley says it can be tricky for organizations few resources to spare.