IT exists to provide data access to authorized users and applications, with the understanding that the data must be saved, stored and protected so that those users and applications can access it. Ransomware is being elevated from the IT department to the boardroom because of concern about its direct costs and negative brand value.
Ransomware as a Service (RaaS) has lowered the technical hurdle for criminals to get into the game, and with more criminals come more attacks against organizations. The typical response dates back to the medieval ages: put up more gates and add more guards at each gate. Yet most criminals are not using brute force to enter the organizational castle. Scanning applications that look for Indicators of Compromise (IoC), such as known digital fingerprints, provide only a speed bump for cyber barbarians, because a digital signature at the file or code-block level is easy to modify. In response, IT is upping its gate protection schemes by adding zero trust and multi-factor authentication. I am not disagreeing with this approach.
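As an added illustration of the point about fingerprint-based IoCs (example code written for this post, not part of the original): an exact-hash indicator stops matching after a single byte changes, while a content-pattern check for the same family still fires. The sample bytes, the hash indicator and the regex are constructed placeholders, not real indicators.

```python
import hashlib
import re

# Constructed stand-in for a "known bad" file; the hash IoC is derived from it.
# Neither is a real-world indicator.
KNOWN_BAD = b"MZ\x90\x00 example-dropper v1 contact=http://example.invalid/beacon"
HASH_IOC = hashlib.sha256(KNOWN_BAD).hexdigest()

# Constructed content pattern for the same family: it keys on structure that
# the operator is less likely to change than the file's raw bytes.
CONTENT_PATTERN = re.compile(rb"example-dropper v\d+ contact=http://[^\s]+/beacon")


def hash_match(data: bytes) -> bool:
    """Exact-hash IoC match: any byte difference defeats it."""
    return hashlib.sha256(data).hexdigest() == HASH_IOC


def pattern_match(data: bytes) -> bool:
    """Content-pattern match: survives trivial padding or repacking."""
    return CONTENT_PATTERN.search(data) is not None


def scan(data: bytes) -> dict:
    """Run both detectors so their results can be compared side by side."""
    return {"hash": hash_match(data), "pattern": pattern_match(data)}


# A variant that differs from the original by one trailing byte.
VARIANT = KNOWN_BAD + b"\x00"

if __name__ == "__main__":
    for name, sample in (("original", KNOWN_BAD), ("variant", VARIANT)):
        print(name, scan(sample))
```

The variant is missed by the hash check but still caught by the pattern check, which is why hash-only scanning is a speed bump rather than a gate.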
At some point organizations will realize that the passive gate protection onion has so many layers that each one introduces latency, increases complexity and decreases productivity. A good analogy can be found in statins. They are used to fight high levels of bad cholesterol, which if unchecked can lead to death. However, statins often interact negatively with other medicines, and this can lead to severe sickness or death. Unlike medicine, where doctors study side effects and drug interactions, no such effort exists for layers of cyber protection.
Is this a missed opportunity? Or is there a better approach?