The threat of ransomware is becoming increasingly worrisome for Latin American corporations and governments. Organizations in Brazil are at an especially high risk, as the country represents the highest share (nearly 50%) of Latin American targets attacked using ransomware. While ransoms average around $170,000, they can reach into the tens of millions. The overall cost of such an attack—across regulatory fines, reputational damage, recovery efforts and legal proceedings—is usually far greater than the payment alone.
The most recent Cost of a Data Breach report from Ponemon Institute and IBM found that between 2019 and 2020, Brazil had the highest increase in the total cost of a data breach among all countries studied—with the average increasing by 29%. The study also found that remediating an incident in less than 200 days saves an average of $1.1 million. Given that Brazilian organizations typically take longer to respond than organizations in most other countries, at an average of 380 days compared to the U.S. average of 237 days, the need for improved ransomware readiness and incident response is clear.
In these crisis scenarios, an ounce of prevention truly is worth a pound of cure. The extent of preventative measures an organization has taken, and the speed at which an incident is identified and remediated, are directly linked to the likelihood of a ransomware attack, how costly it will be and how quickly the organization can recover.
To mitigate the risk of a ransomware attack and become crisis ready, organizations need to address the following critical elements:
If an organization is hit with ransomware before a readiness strategy has been implemented, or if an attack occurs in spite of preventative measures, rapid coordination across cybersecurity incident response, investigation, legal and strategic communications is critical. When essential systems are compromised or sensitive data is at stake, every second counts. The first step is ensuring the matter is escalated to all key stakeholders across IT, security, executive leadership, legal and communications. With a response team assembled, stakeholders should be prepared to:
Knowing how to respond to a ransomware attack is vital, as the ultimate cost will largely depend on how prepared an organization was beforehand. The strongest cybersecurity programs are created proactively and upheld by stakeholders with expertise in information security threats and best practices, as well as the key legal, regulatory and communications challenges that come into play during an attack or breach. When supported by experienced and coordinated teams, cybersecurity programs can withstand the impact of a ransomware attack and continually improve alongside a rapidly evolving threat profile.
The views expressed herein are those of the authors and not necessarily the views of FTI Consulting, Inc., its management, its subsidiaries, its affiliates, or its other professionals. FTI Consulting, Inc., including its subsidiaries and affiliates, is a consulting firm and is not a certified public accounting firm or a law firm.
©2021 FTI Consulting, Inc. All rights reserved. www.fticonsulting.com
Jordan Rae Kelly
FTI Consulting Strategic Communications