Calculate Your Ransomware Score With HYCU

Calculate Your Ransomware Score With HYCU

Chris EvansData Management, Data Protection, HYCU

HYCU Inc. has released a new online tool that enables any IT organisation to evaluate its readiness to deal with ransomware.  Businesses need to “just get started” in determining their exposure and capability to deal with the ransomware challenge.  The R-Score calculation is a great place to start.

Background

The impact of ransomware is an increasingly significant problem that all IT-dependent businesses must address.  A ransomware attack can restrict business operations, have direct financial costs, and in extreme cases, shut down companies for good.  Of course, the fallout from ransomware isn’t purely economic but can threaten healthcare and other industries with a more personal impact.

For many IT organisations, the biggest question to ask is where to start in addressing the ransomware challenge.  As we discussed in this post, the data centre has evolved from a walled garden into a highly distributed environment, where much of the technology may not be owned by the business.  So, the challenges of managing IT infrastructure are more complex than ever.  In addition, ransomware is continually evolving, making the need to have a robust ransomware strategy even more imperative. 

The message is clear – getting started with a strategy is the most critical first step to take.

R-Score

HYCU Inc. has taken the initiative to create a dedicated website that enables any IT organisation to answer a basic set of questions and obtain a preliminary rating on ransomware readiness.  The result is a single value, from 0 to 1000, much like a credit score.  The questions are divided up into the following categories:

  • Backup Process – an exploration of the current backup processes in place.
  • Backup Infrastructure – validation of the backup solution(s) in operation.
  • Security & Networking – a review of key issues as they relate to backup.
  • Restoration Assurance – validation of recovery testing processes in place.
  • Disaster Recovery – details on DR processes in addition to traditional backup.

Within each section, the initial assessment asks a handful of questions, most with dropdown selections or simple percentage answers.  On completion, the results show as a score, with each section highlighted in a RAG (Red/Amber/Green) rating to establish which areas need further work.

Example R-Score

HYCU offers further consultation with partners to review the results and, where appropriate, do further deep-dive assessments.

Process

The vast majority of the questions in the R-Score questionnaire relate to process and risk.  Ultimately, the specific technology used for backup and restore is less important than ensuring a comprehensive approach is in place to protect and recover from a ransomware attack.  Naturally, (as HYCU will attest) the capabilities of any backup solution need to have widespread platform coverage and a consistent approach to applying data protection policies. 

Evolution

As we’ve highlighted already, ransomware attacks evolve.  Businesses need to be proactive in regularly reviewing data protection policies.  As a result, we should expect HYCU to frequently update and develop the R-Score process, taking into consideration the changes in ransomware attacks. 

The Architect’s View™

Many IT organisations may be struggling with understanding where to get started in building a ransomware mitigation strategy.  The R-Score process enables businesses to get started on this journey, which will undoubtedly evolve over time.  The value of taking an assessment has multiple benefits to an organisation.  It exposes areas for remediation but also provides a degree of assurance that will directly affect business costs, such as ransomware insurance.  With so much at stake, when will you take the test?


Post #ef9f. Copyright (c) 2021 Brookend Ltd. No reproduction in whole or part without permission.