Ransomware has easily become one of the most notorious enterprises of the 21st century – with unprecedented success in the last 24 months by targeting vulnerabilities in the cloud and software supply chain, attacking industrial processes and targeting unsuspecting victims on holidays and weekends .

Even worse, as our hyper-connected world spawns new and emerging threat vectors every day, we know that breaches are inevitable these days and cyber-attacks are the new normal — they happen right now. Research shows that 76% of organizations have been victims of a ransomware attack in the last two years and 82% have paid at least one ransom.

Cybersecurity spending is higher than ever, but we still suffer from ransomware losses – and not just financially. Attacks such as those on Colonial Pipeline and SolarWinds confirm the societal and economic implications of ransomware, and we continue to witness one devastating attack after another on critical US infrastructure and other critical civilian sectors (think education and healthcare).

Far too many organizations are still in the eye of a cyberstorm, so apathy and lack of action are unacceptable. Business leaders must act proactively to increase cyber Resilience before it is too late.

Assume a breach, improve resilience, monitor the impact

Ten years ago, it was enough for business leaders to focus solely on strengthening perimeter defense prevention (VPNs, firewalls). Now, in the wake of accelerated digital transformation efforts – fueled in large part by the pandemic and the current era of hybrid work – the attack surface has increased significantly, leaving more endpoints, cloud environments, and potential exploitation opportunities open and available to bad actors.

With organizations now managing a hybrid workforce, sprawling hybrid IT domains and broader supply chains, it’s no longer a matter of if bad actors will beat the perimeter defenses; it is a matter of when. That’s why the current industry-wide focus on “strengthening resilience” has never been more topical or essential.

One of the resilience frameworks that has been placed even further in the cyber spotlight in the past 24 months is zero trust. This cybersecurity approach was first introduced by Forrester over a decade ago. It is a framework based on the principles of “presume infringement” and “least privilege”.

In a zero trust approach, organizations are encouraged to limit access to a select few and necessary (least privileges) and assume that everything will inevitably be violated (suppose breakage). The duality of the zero trust mindset recognizes the certainty of a breach while ensuring organizations rigorously secure access and proactively limit exposure. We like to refer to this as ‘infringement risk reduction’.

With zero trust practices, technologies and policies, organizations are better positioned to quickly address cyber incidents (reducing downtime) and mitigate the associated business and operational impact. But there are still steps that agencies, organizations and the federal government need to take to help the private and public sectors maximize resilience.

Zero trust resilience starts with education and alliances

In today’s hyper-complex, dynamic, cloud-first world, cyber resilience won’t work unless we come to a collective agreement on our best way forward.

There remains a lot of confusion within the federal government about cybersecurity mandates and best practices. As President Joe Biden takes a federal move toward a zero trust architecture in his… Executive order last May (repeating the importance of the zero trust framework earlier this year), several agencies, including the Agency for Cybersecurity and Infrastructure Security (CIS), National Institute of Standards and Technology (NIST), and the US Department of Defense have all adopted separate and varying zero trust best practices.

Organizations are increasingly recognizing cybersecurity as a vital necessity, but there is no unified agreement on what zero trust should look like in action. The lack of a single plan creates confusion and hinders our ability to teach, ultimately hindering resilience efforts in general. To become more sustainable in cyberspace, we need to reach consensus on an effective plan – a kind of roadmap – and form a united front for organizations to follow in improving fundamental resilience efforts without trust.

Continuous cybersecurity education, at a more general level, is also essential for continuing ongoing resilience initiatives. In June, President Biden signed into law the “State and Local Government Cybersecurity Act of 2021,” which requires the National Cybersecurity and Communications Integration Center (NCCIC) to provide training, conduct exercises, and promote cybersecurity education and awareness at all lower levels of government. In addition, earlier this year the “Cybersecurity Grants for Schools Act of 2022”” was introduced, allowing CISA to award grants for primary and secondary education and training programs in cybersecurity.

This is the federal cyber momentum we need. As the hybrid attack surface continues to evolve and broaden around us, we must continue to take steps in the right direction – and we must act faster. The enemy of a good plan has always been a perfect plan. While we are looking for perfection, the attacker is always on the move. While we debate, they attack. We need to gradually become safer and build resilience every day.

The road ahead of us

Ransomware and cyber attacks do not go away. In fact, the threat landscape is changing, with bad actors changing names and innovating more aggressively than ever before. But businesses, government agencies and other organizations can catalyze resilience efforts by continuing to educate about cybersecurity best practices, provide formalized guidance on zero trust and other fundamental resilience frameworks — and ultimately take action.

As our world becomes more and more hyper-connected, resilience initiatives like zero trust are only as strong as the weakest link in our global chain. And as our adversaries continue to move more aggressively in cyberspace, there has never been a better time for all of us to align and strengthen our resilience than now.

Andrew Rubin is CEO and Co-Founder of Illumio