Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2021

Initial Access Brokers: Fueling the Ransomware Threat - The Monitor, Issue 17

Kroll has observed an uptick in actors offering network access on the dark web, particularly in the wake of recent disruptions to the ransomware-as-a-service (RAAS) ecosphere such as the ban on ransomware discussions in notorious underground criminal forums.

Data Exfiltration in Ransomware Attacks: Digital Forensics Primer for Lawyers

Nearly 80 per cent of all ransomware attacks in the first half of 2021 involved the threat of leaking exfiltrated data. Exfiltration is a popular pressure tactic as it introduces the threat to publish stolen sensitive data to a threat actor extortion website if a ransom payment is not received. Our team currently tracks over 40 threat actor extortion websites, with new sites belonging to new ransomware groups emerging each week.

Aligning Legal and Information Security - State of Incident Response 2021

The State of Incident Response 2021 surveyed 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue, identifying a lack of clarity from information security professionals about when and how to engage legal as part of an incident response. The survey also identified challenges with digital evidence preservation, breach notification readiness, a proper communication process.

Incident Response Automation Challenges - State of Incident Response 2021

With the volume and sophistication of cyber threats growing, we asked 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue how their organizations are planning to deal with incident response. Nearly all teams plan on automating more of their IR process, but nearly half face headwinds like lack of in-house expertise, lack of proper technology, and lack of bandwidth.

Cybersecurity Budgets Increasing, But Internal Challenges Remain - State of Incident Response 2021

We surveyed 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue and more than half reported increased cybersecurity budgets for next year and that their executive leadership is more aware of cyber threats. However, over 40% report internal obstacles with the adoption of security processes, lack of organization-wide support, and a "bare minimum" approach to security.

The Role of Managed Detection and Response - State of Incident Response 2021

Internal security teams are overwhelmed by cyber threats and finding seasoned incident response professionals is now harder and more expensive. The State of Incident Response 2021 surveyed 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue to learn how managed detection and response vendors are incorporated into their security programs. Over 76% of organizations are relying on a third-party vendor to augment in-house capabilities, and their biggest benefit is delivering faster containment, response, and more automation capabilities.