Insights

Every day, Kivu engages with clients recovering from devastating ransomware attacks. Usually, that entails discussing a client’s recovery needs with its insurer to determine whether recovery can be reimbursed. Kivu's Vice President of Advisory Services, Adam Tyra's most recent article dives into the concept of "betterment" and offers guidelines to define "betterment".

Join Kivu Consulting's Director of Incident Response, Candice Wendt for an interview with King & Spalding's Chief Privacy Officer and Data, Privacy, and Security Practice Lead, Phyllis Sumner.

There are many vulnerabilities that criminals can exploit for a ransomware event, and organizations must account for them all. Well-known tactics like phishing and brute force attacks receive the most attention. However, more obscure threats like “malvertising” can also become the organization’s Achilles heel.

The Russian conflict against Ukraine brought devastating impacts for both nations.  Beyond the initial tragedy, as fighting continues and sanctions sink in, government and industry can expect cascading implications of a global magnitude.  Those implications include greater cyber risk. What does that mean for paying ransom demands?

In the wake of Russia's invasion into Ukraine, some have suggested that the United States might respond with cyberattacks against Russia. While a preemptive cyberattack on another nation is a jarring proposal, it certainly isn't new. 

While far from the front lines, US companies clearly have an increased cyber risk from the Russian instigated conflict against Ukraine.  After Russian military hackers carried out intensive cyberattacks against several of Ukraine’s banks and government websites, Britain's National Cyber Security Centre (NCSC) warned of potential cyberattacks with "international consequences."

With the growth of frequency and sophistication of cybercrime, organizations must prepare and remain vigilant for this leading risk.  Kivu Consulting offers the following roadmap for organizations to find solid footing during a ransomware event. 

As employers allow more employees to work from home, safeguarding company networks continues to be a challenge. To mitigate the increased risk from phishing campaigns targeting remote workers, many companies have adopted two-factor authentication (2FA).

Ransomware is a costly and devastating business interruption that will continue to be the largest security issue in 2022.Download Kivu Consulting’s 2022 Ransomware Report for a breakdown of the 2021 ransomware landscape, ransom payment trends, and for information on navigating negotiations.

Kivu Consulting, a leading provider of cybersecurity and forensic services to organizations worldwide, announced Shane Sims has been chosen to become its new Chief Executive Officer.

In the digital age, loss of access to business technology has the potential to destroy overnight what a company has spent decades building.

On December 9, 2021, an exploit proof-of-concept was made publicly available for a vulnerability in open-source logging utility, Apache Log4j versions 2.14.1 and below. This exploit, CVE number 2021-44228, allows attackers to force vulnerable applications to remotely run arbitrary code without authentication, resulting in a complete compromise of the application and the system running the application.