Resilient, an IBM company, released the industry’s first Dynamic Playbook for ransomware, aimed at helping organizations globally respond effectively to this growing type of cyber-attack.
Dynamic Playbooks, the latest innovation to Resilient’s Incident Response Platform, automate and orchestrate, in real-time, the variety of actions organizations need to take in response to cyber-attack.
According to a recent study conducted by Resilient, seven out of 10 U.S. businesses surveyed infected with ransomware have paid to resolve a ransomware attack, with more than half paying more than $10,000. To help organizations respond rapidly and strategically to this type of threat and many other types of threats, Resilient’s new Dynamic Playbooks are an industry first in the incident response management market. Resilient’s Dynamic Playbooks provide an unmatched orchestration of incident response by adapting in real-time to the details of a cyberattack or other business threat, and enabling effective, rapid response to more sophisticated threat types.
Resilient’s Dynamic Playbooks share several critical and differentiating attributes:
Agile: Resilient’s Dynamic Playbooks continually react to changes by leveraging rules and scripts that implement business logic and enriching incidents as they progress.
Intelligent: By leveraging information from other connected systems, Dynamic Playbooks make rules-based decisions to take actions – such as increasing priority or involving other parts of the organization, such as legal. By the time an analyst opens an incident, many repetitive, initial triage steps have already been completed.
Sophisticated: Dynamic Playbooks keep business rules separate from workflows, eliminating the need for a proliferation of static playbooks with only slight variations, and keeping management overhead to a minimum.
For example, consider a spear-phishing attack on a work laptop used by a senior executive. Before an analyst in the security operations center even sees the incident, rules and conditions associated with the Dynamic Playbook have used information from connected systems to determine that the user is an executive, automatically escalated the alert to Tier-2 analysts, raised the official severity code for the incident, and notified the company’s legal team.
In addition, Resilient’s Dynamic Playbooks support integrations with more than 100 other systems that may be present in a typical security environment, providing Resilient clients with a seamless, centralized incident response hub. Built for security leaders by security leaders, Resilient’s Incident Response Platform processes more than one million incidents a day.