Modern ransomware operators blend extortion with data theft, targeting the most business-critical systems.
Attack pattern
- Initial access via phishing, exposed services, or compromised credentials.
- Lateral movement to escalate privileges and locate backups.
- Encryption or data theft, followed by ransom demands and deadlines.
Defensive focus
- Enforce MFA and monitor remote access.
- Segment backups and test restoration regularly.
- Use EDR and network detection to spot lateral movement early.