The most comprehensive ransomware control framework in The Netherlands is launched

Schubergphilis website medium Annemiek Deering
Annemieke Deering
May 19, 2023 · 5 min read
I Stock 1399980046

Ransomware is considered the highest cyber security threat by the National Coordinator for Counterterrorism and Security. Thanks to its ability to steal and make data inaccessible, ransomware paralyzes its victims. It causes irreversible organizational damage and severe consequences that range from inconvenient to devastating. Ransomware attacks have tripled in the past two years. Cybersecurity experts warn: it is not a question of if we are attacked, but when we are attacked.

Yet 50% of large enterprises worldwide do not have a ransomware response plan. Clearly, companies are struggling to find the right security measures to protect themselves, let alone implement them. This urgency is accelerated by European regulations soon to take effect, such as the Network and Information Security Directive (NIS2) for organizations in vital industries and the Digital Operational Resilience Act (DORA) for financial institutions.

Ransomware Control Framework
In response, Norea, is publishing a ransomware control framework. The first of its kind in the Netherlands and accessible to all, this framework selects the most relevant controls that organizations can deploy to increase their defense against and response to ransomware. The framework is built on CIS (Center for Internet Security) Version 8, one of the most detailed cybersecurity frameworks to date. The framework has been validated and supplemented with ransomware-specific controls based on many interviews with cybersecurity experts and IT professionals and analysis of all international authority publications on ransomware prevention and response.

“This framework is unique because it links each control to a specific step in the so-called ransomware kill chain, says Sandeep Gangaram Panday (Trust Accelerator Lead, Schuberg Philis). Based on the outcome of the threat analysis, organizations can now determine which controls belong to which step of the kill chain. Crucially, they can also implement the measures we have included as recommendations for properly managing their response to an attack.”

Sandeep Gangaram Panday, Risk Manager

The study
The ransomware control framework
stems from an in-depth study conducted by Leon Zwakenberg at the University of Amsterdam together with Sandeep Gangaram Panday, Trust Accelerator Lead at Schuberg Philis and author of the NOREA report DevOps and Agile in control, in collaboration with Norea.

Ransomware event
We encourage anyone interested in preventing ransomware attacks to read the publication. The Ransomware in control paper as well as the framework will be officially launched during an exclusive event on Wednesday, June 14 at 3:30 p.m. at the offices of Schuberg Philis in Schiphol-Rijk, the Netherlands.

Want to attend the launch? Please click on the following link.

Sandeep Gangaram Panday contact

Want to know more?

Contact Sandeep Gangaram Panday.