Jun 06 2024

Why Cyber Resilience Is Critical for Minimizing the Impact of Ransomware Attacks

State and local agencies must prepare to withstand and quickly recover from breaches.

Ransomware attacks are increasing in frequency, scale and sophistication. According to the most recent Rubrik Zero Labs report, “The State of Data Security: Measuring Your Data’s Risk,” 94 percent of IT and security leaders reported that their organizations experienced significant cyberattacks last year; one-third of these victims endured at least one ransomware attack.

Today, it can take days or weeks for an organization to recover from cyber incidents and resume operations. State and local government agencies need a clear plan that delivers business continuity, speeds recovery time and capitalizes on the reset moment following a cyberattack. Today, cyberattacks are not a hypothetical threat; they are a near guarantee.

Today’s threat landscape is becoming increasingly formidable, but state and local government agencies can become better equipped to take on their cyber enemies by prioritizing cyber resilience.

Click the banner below to learn more about cyber resilience.


What Is Cyber Resilience?

The cybersecurity industry has spent decades trying to prevent attacks and data loss, but it has now become clear that stopping them completely is impossible. Relying on prevention alone is a failure to plan. State and local agencies need cyber resilience — a combination of cyber posture and cyber recovery — to stay up and running, even as they fight off cyberattacks. Cyber resilience is the next frontier in cybersecurity, and government agencies can help pave the way forward.

LEARN MORE: The ransomware threat against agencies is changing.

Why Is Cyber Resilience Essential?

Safeguarding data in today’s cyber landscape is no small feat. The Rubrik Zero Labs’ “State of Data Security: The Journey to an Uncertain Future” report found that we are experiencing a data explosion; according to Rubrik data, a typical organization’s data has increased 42 percent over the past 18 months. In the same report, 66 percent of IT and security leaders believe their organization’s current data growth is outpacing their ability to secure this data and manage risk. 

If we stay on this course without keeping up, we’re looking at an indefensible future.

In addition, new technologies such as artificial intelligence (AI) and the variability and velocity of data generation today demand a new approach. Organizations need the proper visibility into their data to secure it, with a clear plan for cyber resilience that allows operations to continue in the face of disruption.

Cyber Resilience Sidebar


What Does Cyber Resilience Look Like in the Face of Ransomware?

To show how cyber resilience could work in the real world, let’s look at one example: In 2019, the city of Lodi, Calif., experienced a ransomware attack that restricted access to its data and significantly impacted municipal services, including putting the city's police department nonemergency number and the department of public works’ emergency lines out of service. If the city had a cyber resilience plan in place, it could have avoided or lessened the negative impacts of the attack.

Here’s how this looks in practice:

  • Effective cyber resilience starts with strong data security, including access-controlled backups of state and local governments’ data. This is vital for both safeguarding data and restoring data during an attack to avoid interrupting the organization’s critical functions.
  • Agencies then must have the ability to continuously monitor for emergent cyberthreats — including ransomware and sensitive data exposure — through data risk assessment and anomaly detection This can tip off state and local governments to issues such as sensitive data being exposed, which they can then quickly lock down.
  • Should a ransomware attack bypass these defenses, state and local government bodies need tools that support cyber resilience. This allows them to rapidly restore impacted apps, files or objects by containing threats and initiating recovery while simultaneously avoiding malware reinfection. In the Lodi example, this means the city’s critical phone lines could have stayed in service, and its sensitive data could have still been accessible despite an active ransomware infection. 

Enhanced data security and continuous monitoring are essential for thwarting ransomware attacks such as the one that occurred in Lodi, but no strategy is 100 percent effective. Staving off and recovering from ransomware attacks will be an ongoing challenge for state and local government agencies, especially as their attack surfaces continue to expand and technologies such as generative AI give cybercriminals an edge. Cyber resiliency must be a top priority to ensure operational continuity when — not if — ransomware attacks occur.

Matt Kilroy/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.