Ransomware Readiness Assessment

Ransomware and the associated cyber extortion threat is a common and growing risk faced by organisations. Sekuro’s Ransomware Readiness Assessment’s enable your organisation to understand gaps and remediate ransomware exposure risk.

Ransomware Readiness Assessment - Why is it Useful?

A ransomware attack can be catastrophic. Recent research by Sekuro Partner, Rubrik, indicates that CISOs recognise ransomware as the #1 threat they face, and that no relief is in sight with 69% of respondents considering it likely they will be successfully hit at least once in the next year.

A Ransomware payment screenshot. Let's hope you never see one for real.

What is a Sekuro Ransomware Readiness Assessment?

A Sekuro Ransomware Readiness Assessment involves the following tasks:

  • Unauthorised internal Active Directory enumeration, escalation, and lateral movement activities
  • Authorised internal Active Directory enumeration, escalation, and lateral movement activities, via a Standard Operating Environment (SOE) Windows machine and associated Domain User account
  • Privilege escalation activities on an SOE Windows machine from the perspective of a Domain User
  • Ransomware technical control assessment on an SOE from the perspective of a Domain User
  • Organisation-wide email account breached password assessment
  • Network share assessment to identify sensitive or exploitable data accessible to end-users based on key phrases
  • Controlled and custom non-destructive ransomware deployment to a specific pre-defined Windows system to simulate encryption of data and test technical response

The assessments are based on real-world Tactics, Techniques, and Procedures (TTPs) utilised by ransomware adversaries and cyber-criminal organisations to compromise and deploy ransomware throughout corporate Windows environments.

What happens after the Sekuro Ransomware Readiness Assessment is completed?

Upon completion of the Sekuro Ransomware Readiness Assessment, a detailed report which outlines prioritised, actionable remediation activities to increase ransomware resilience will be provided. The report will focus on risk, based on the known and assumed actions of ransomware adversaries and cyber-criminal organisations.

Sekuro can be engaged by your organisation to further address any identified gaps or vulnerabilities through our Offensive Security, GRC, or Technology and Platform teams.

Already know what you are after?

Get a quick quote from our consultants.

Scroll to Top