Ransomware resilience: It’s time to be ‘extra Bruce Lee’
I don’t think about there are numerous CISOs who use Bruce Lee as a degree of reference for enhancing cyber safety methods? Nevertheless, the philosophy of his hybrid martial artwork – Jeet Kune Do – relies on many ideas related for staying forward of ransomware hackers.
The UK’s Nationwide Crime Company just lately highlighted how the ransomware panorama has entered a post-trust ecosystem. This refers to a extra unpredictable and harmful risk panorama, and an setting that’s interconnected. Nothing seems off limits for cyber criminals. They’re prepared to push the boundaries of innovation, experimentation and collaboration to remain forward of legislation enforcement businesses and to remaster ransomware assaults that pressure victims into coercion.
A current ‘strategic alliance’ between three ransomware teams – DragonForce, LockBit and Qilin – epitomises how the ecosystem is altering and adapting. The Hacker Information reported their coalition goals to share methods, assets and infrastructure to strengthen general capabilities. Strikes similar to this present a stage of interconnectivity and evolution within the creation and deployment of ransomware threats, which requires organisations to be extra alert and knowledgeable. That is the place the ideas of Jeet Kune Do apply.
Enter The Dragon
Bruce Lee primarily based Jeet Kune Do on a philosophy which advocates practices of absorbing what is beneficial, discarding what is just not, partaking in directness and ease to successfully and shortly finish confrontation, and maybe most significantly, the martial artwork’s core tenet of ‘the best way of the intercepting fist’. It’s a method of martial arts crafted to neutralise an assault by way of a simultaneous defensive and offensive transfer. So, how does this apply to ransomware mitigation?
Many forward-thinking organisations have invested in sturdy cyber safety defences. Nevertheless, ransomware assaults are profitable as a result of their perpetrators are capable of set up entry into organisations through a mess of the way, making it tougher for safety groups to detect and monitor each attainable entry level. Each safety staff is overwhelmed with monitoring; tuning and prioritising instructions is an infinite steadiness of noise to sign ratio. Basically, can I observe each attainable assault? And at what stage would I wish to detect? Realizing earlier might help reduce impression however creates extra alerts to evaluate. It’s a dilemma.
Hackers are always placing organisations beneath the microscope, scrutinising how they construct defences and data constructing to tell their assault methods. Cyber safety groups should undertake the identical stage of commentary and scrutiny by proactively monitoring the threats they face.
Cyber risk intelligence can allow organisations to higher perceive ever-shifting ransomware threats. Subtle vulnerability and assault floor intelligence will analyse billions of knowledge factors from throughout the open and darkish webs, and technical sources, offering a complete exterior view of the vulnerabilities, misconfigurations and different exposures which are in probably the most pressing want of evaluate and potential remediation. This method is the Jeet Kune Do precept of absorbing what is beneficial and discarding what is just not, permitting organisations to prioritise the highest-risk threats.
The GCHQ’s Nationwide Cyber Safety Centre (NCSC) reported that the UK skilled 4 nationally vital cyber assaults each week within the 12 months to September 2025. This can be a snapshot of the escalating and relentless stage of risk that organisations face, and never all threats are equal. Some dangers pose a extra fast hazard, that means in the present day’s cybersecurity methods ought to have actionable and recent intelligence to prioritise detection, remediation or mitigation, to make sure defences work as anticipated.
Anticipating assaults
Ransomware instruments, methods and techniques don’t stand nonetheless. Risk actors are leveraging the brand new potentialities of synthetic intelligence (AI), discovering earlier factors of entry in provide chains for exploitation and refining social engineering and phishing to make assaults tougher to foretell. Cyber risk intelligence can allow organisations to maintain tempo with these developments, offering business-critical perception concerning the; what, why, when and the way of risk actor behaviour.
Id intelligence, for instance, can allow organisations to successfully monitor for compromised worker credentials, analysing uncovered credentials in close to real-time throughout the darkish net, boards, paste websites, felony marketplaces and bot infrastructure. Passwords and trusted entry particulars gained from social engineering will be detected and actioned earlier than attackers weaponise them as a gateway for ransomware deployment. It’s a stage of proactivity that displays the Jeet Kune Do precept of partaking in directness and ease to successfully finish confrontation.
Constructing data of ransomware threats creates the flexibility and alternative for organisations to ‘intercept the fist’ earlier than an attacker strikes. Cyber risk intelligence might help groups to effectively seize, compile, and analyse risk information, turning it into actionable insights throughout all the important thing elements of a cybersecurity programme – folks, processes, merchandise and insurance policies. All these elements will be knowledgeable by a real-world view of what hackers are doing, unlocking the potential to higher predict, prioritise and stop ransomware assaults. Being defensive alone received’t obtain this.
Jason Steer is chief data safety officer at Recorded Future.
