CyberCX Best Practice Guide

Ransomware and Cyber Extortion

How to protect your organisation

Executive Summary

Australian and New Zealand organisations face growing risks from cyber extortion, including ransomware.

In our engagement with boards and senior executives across industry and government in Australia and New Zealand, we are consistently told that the growing threat of ransomware and cyber extortion is one of the most significant risks facing our organisations. Governments and cyber security experts around the world, including Australian Government officials, are warning that these attacks have reached “pandemic” proportions.

This is no surprise: cyber extortion is a highly lucrative enterprise for cybercriminals.

In the first half of 2021, governments across the world have grappled with how to put pressure back on cybercriminals. While cybercriminals still maintain a winning lead in this ongoing race, law enforcement agencies, particularly in the United States and Europe, have also stepped up their approach, with some notable recent disruption operations.

However, cybercriminals are resilient and innovative. As governments and police take action, criminals restructure their organisations and adapt their tactics, finding new ways to increase the impact of their attacks and also increase the pressure on victim organisations to pay up.

Every organisation needs a strategy for preventing and responding to ransomware and cyber extortion.

Government and law enforcement can certainly do more to address this chronic cybercrime issue, however the private sector also has a role to play. All organisations can take more effective steps to prevent these attacks and minimise the damage when they occur. That’s where this CyberCX Best Practice Guide can help.

This Guide provides practical tools for people at all levels of an organisation to understand and manage the risk posed by ransomware and cyber extortion.

CyberCX is committed to protecting the communities we live in. We want all Australian and New Zealand organisations to have access to knowledge and tools which will make it harder for cybercriminals to achieve their payday. By driving cost into the business models of cybercriminals, we can collectively disincentivise them from targeting organisations in our region.

01

The growing impact on Australia and New Zealand

Ransomware and Cyber Extortion

Part 1 of this Best Practice Guide is designed to be most relevant for the following audiences:

  • Directors and boards
  • Senior leaders and executives
  • CISOs and security professionals
02

Protect your organisation

Part 2 of this Best Practice Guide is designed to be most relevant for the following audiences:

  • CISOs and security professionals
03

Engaging with an attacker

Part 3 of this Best Practice Guide is designed to be most relevant for the following audiences:

  • Directors and boards
  • Senior leaders and executives
  • CISOs and security professionals

Download Part 1

Download Part 2

Download Part 3