CAMBRIDGE, MA – 14 Dec 2016 – Resilient, an IBM Company today released the industry’s first Dynamic Playbook for ransomware, aimed at helping organizations globally respond effectively to this growing type of cyberattack. Dynamic Playbooks, the latest innovation to Resilient’s Incident Response Platform, automate and orchestrate, in real-time, the variety of actions organizations need to take in response to cyberattacks.
According to a new IBM (NYSE: IBM) study, seven out of 10 U.S. businesses surveyed infected with ransomware have paid to resolve a ransomware attack, with more than half paying more than $10,000. To help organizations respond rapidly and strategically to this type of threat and many other types of threats, Resilient’s new Dynamic Playbooks are an industry first in the incident response management market. Resilient’s Dynamic Playbooks provide an unmatched orchestration of incident response by adapting in real-time to the details of a cyberattack or other business threat, and enabling effective, rapid response to more sophisticated threat types.
“Fast-moving, sophisticated threats like ransomware require new and actively adaptive response methods. Resilient’s Dynamic Playbooks set another new standard for agility, intelligence, and sophistication in the battle to respond to and recover from today’s complex cyber threats,” said John Bruce, CEO and Co-Founder of Resilient, an IBM Company. “Ransomware is just one example of the cyberattacks facing companies today, but its growing rate of prevalence is threatening businesses like never before. This technology arms companies with a response approach that manages the intensity of the problem.”
Resilient’s Dynamic Playbooks share several critical and differentiating attributes:
- Agile: Resilient’s Dynamic Playbooks continually react to changes by leveraging rules and scripts that implement business logic and enriching incidents as they progress.
- Intelligent: By leveraging information from other connected systems, Dynamic Playbooks make rules-based decisions to take actions – such as increasing priority or involving other parts of the organization, such as legal. By the time an analyst opens an incident, many repetitive, initial triage steps have already been completed.
- Sophisticated: Dynamic Playbooks keep business rules separate from workflows, eliminating the need for a proliferation of static playbooks with only slight variations, and keeping management overhead to a minimum.
As an example of how this works, consider a spear-phishing attack on a work laptop used by a senior executive. Before an analyst in the security operations center even sees the incident, rules and conditions associated with the Dynamic Playbook have used information from connected systems to determine that the user is an executive, automatically escalated the alert to tier-2 analysts, raised the official severity code for the incident, and notified the company’s legal team.
In addition, Resilient’s Dynamic Playbooks support integrations with more than 100 other systems that may be present in a typical security environment, providing Resilient clients with a seamless, centralized incident response hub. Built for security leaders by security leaders, Resilient’s Incident Response Platform processes more than 1 million incidents a day.