Why ransomware attack simulation training is essential to prepare organisations for real-life cyberattacks
Image: Supplied
Businesses today are forced to navigate an increasingly perilous landscape of cyber threats, characterised by the increasing frequency and sophistication of cyberattacks.
The financial repercussions are staggering, with the average cost of a data breach reaching millions of dollars.
According to IBM's Cost of a Data Breach Report 2024, the global average cost of a data breach in 2024 was $4.88 million (R88.6 million), which is a 10% increase over the previous year and the highest total ever.
Beyond monetary losses, the erosion of customer trust and brand reputation can be irreparable. As cyber threats evolve, businesses must prioritise robust cybersecurity measures to safeguard their assets and ensure resilience in the face of this ever-present danger.
However, despite the ever-increasing threat of cyberattacks, many organisations still lack effective controls and incident response plans, nor do they have the 'muscle memory' gained from having faced and overcome a cyber breach previously.
This is where the value of a ransomware attack simulation becomes apparent, as it is a crucial component in helping to prepare organisations for effectively responding to cyber incidents. The insights gained from these simulations and training sessions can help enterprises adopt a 'survival time objective' mindset, which focuses on the key metrics of time to detect, time to respond and time to recover.
Challenges and critical decision points
These training events typically see participants experience a simulated cyberattack in small groups, taking on roles in the leadership team of a fictional company during a ransomware negotiation. Participants are faced with challenges and critical decision points as they choose their response plans against the backdrop of a crafted story based on known network breaches that have hit some of the biggest global companies.
This approach – along with developing a robust response plan – can significantly enhance an organisation's cyber resilience and facilitate continuous business operations as it emphasises the growing need for businesses to proactively address the threat of ransomware and cyberattacks.
Video Player is loading.
Play Video
Play
Unmute
Current Time
0:00
/
Duration
-:-
Loaded :
0%
Stream Type LIVE
Seek to live, currently behind live
LIVE
Remaining Time
-
0:00
This is a modal window.
Beginning of dialog window. Escape will cancel and close the window.
Text Color White Black Red Green Blue Yellow Magenta Cyan
Transparency Opaque Semi-Transparent Background Color Black White Red Green Blue Yellow Magenta Cyan
Transparency Opaque Semi-Transparent Transparent Window Color Black White Red Green Blue Yellow Magenta Cyan
Transparency Transparent Semi-Transparent Opaque
Font Size 50% 75% 100% 125% 150% 175% 200% 300% 400% Text Edge Style None Raised Depressed Uniform Dropshadow Font Family Proportional Sans-Serif Monospace Sans-Serif Proportional Serif Monospace Serif Casual Script Small Caps
Reset
restore all settings to the default values Done
Close Modal Dialog
End of dialog window.
Advertisement
Video Player is loading.
Play Video
Play
Unmute
Current Time
0:00
/
Duration
-:-
Loaded :
0%
Stream Type LIVE
Seek to live, currently behind live
LIVE
Remaining Time
-
0:00
This is a modal window.
Beginning of dialog window. Escape will cancel and close the window.
Text Color White Black Red Green Blue Yellow Magenta Cyan
Transparency Opaque Semi-Transparent Background Color Black White Red Green Blue Yellow Magenta Cyan
Transparency Opaque Semi-Transparent Transparent Window Color Black White Red Green Blue Yellow Magenta Cyan
Transparency Transparent Semi-Transparent Opaque
Font Size 50% 75% 100% 125% 150% 175% 200% 300% 400% Text Edge Style None Raised Depressed Uniform Dropshadow Font Family Proportional Sans-Serif Monospace Sans-Serif Proportional Serif Monospace Serif Casual Script Small Caps
Reset
restore all settings to the default values Done
Close Modal Dialog
End of dialog window.
Next
Stay
Close ✕
Ransomware attack simulations force executives to ask themselves critical questions when facing a breach, such as how to respond and what the plan of action should be. The key objective of a simulation is to empower businesses and help them adopt the right mindset when it comes to addressing cyber threats.
Not only do the insights gained from simulation exercises help organisations better prepare for and respond to ransomware and other cyberattacks, but they also distinguish disaster recovery from cyber recovery, underscoring the importance of developing a tailored approach to cyber resilience, rather than relying solely on traditional disaster recovery plans. Lessons apply to real-life scenarios
Simulations are designed to help participants understand the perspectives and decision-making processes of the four key personas involved, namely the CEO, CTO, CISO and legal counsel. While it is a make-believe scenario, the lessons learnt from a simulation can be applied to a real-life cyber incident.
Simulations prompt participants to consider the critical statements, objectives and outcomes they would need to address when engaging with real-life threat actors. This includes weighing the decision to negotiate, potentially involving a third-party negotiator, and ultimately determining whether to pay the ransom or rely on the organisation's own cyber resilience and trust in deployed technologies.
Essentially, exposing executives to these advanced cybersecurity tools and strategies, simulations aim to give each persona, such as the CEO, CTO and CISO, the confidence to develop a comprehensive cyber resiliency plan and take the necessary actions to protect their organisation. In this way, simulations aim to better prepare organisations for the real-world challenges they may face when confronted with a ransomware incident.
This holistic approach to simulations, combining decision-making processes and practical cybersecurity solutions, helps prepare executives to effectively respond to and recover from real-world ransomware and cyberattacks, ultimately enhancing an organisation's overall cyber resilience.
Graham Brown, Country Manager at Commvault.
Image: Supplied.
BUSINESS REPORT
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Daily Maverick
25-06-2025
- Daily Maverick
Cybersecurity and AI: Just a trend or the backbone of the future economy?
In an era of mounting global uncertainty, cybersecurity stands out as a resilient, long-term investment theme. With the rise of AI-driven threats, escalating costs of data breaches, and a growing skills gap, protecting digital infrastructure has become business-critical. This article explores why cybersecurity is not just a tech trend but a structural necessity — and a R35-trillion investment opportunity in the making. No one can deny that we live in a time of enormous uncertainty. Investors are used to seeing market cycles with peaks and troughs, but even the most seasoned investors will agree that we are entering especially volatile territory with the rise of new technological, political and economic power dynamics against the backdrop of a rapidly changing and precarious world order. Yet even amid the heightened volatility, some themes stand out for their durability. These are known in the investment world as secular trends, or mega trends in plain language – long-term, structural trends in our world that we anticipate will continue to grow regardless of short-term market cycles, geopolitical upheavals, global power dynamics or economic spikes and crashes. For me, one important theme dominates our time: cybersecurity. This technological mega trend will carry on regardless of what happens on the global stage in the next two, five or 10 years. As portfolio managers navigating this uncertain global environment, we find comfort in investing in growth themes that are driven by greater fundamental, non-cyclical forces. We like cybersecurity because it is not a passing fad — it will be deeply integral to how the global economy and societies function in the future. The case for investing in cybersecurity Cybersecurity is no longer optional for modern enterprises — it's business-critical. Some of the most valuable assets any company possesses are its customer data, intellectual property and brand reputation. All three are increasingly vulnerable to sophisticated cyberattacks, and significant manipulation as well as enhancement by artificial intelligence (AI). In 2024, the world witnessed the largest global internet outage on record, caused by a faulty software update from a cybersecurity vendor — the CrowdStrike crash. This cascading failure highlighted how interconnected and fragile today's digital infrastructure has become. Crashes like these may become more frequent in the future and will cost the global economy billions in damages — so we need to be prepared. Malicious security breaches that cause disruptions and outages are equally, if not more, concerning. According to IBM's annual Cost of a Data Breach Report, the average breach now costs our biggest corporations about R89-million per incident. In the healthcare sector, the figure is even higher due to the sensitivity of patient data and outdated IT systems. The financial services sector, which also handles very sensitive customer data, is the second most targeted industry. Both these industries sit on the kind of data that criminals find very enticing. This is why, globally, the cost of cybercrime is projected to exceed R186-trillion annually by 2025. An expanding threat landscape enabled by GenAI Meanwhile, the threat landscape is expanding rapidly. Generative AI (GenAI), used by criminals to craft their attacks with more accuracy, has made phishing attacks more convincing and frequent. Previously, fraudulent emails were easy to spot due to poor grammar or formatting. Now, AI can generate perfectly written content, mimic the tone of colleagues, and target individuals during high-stress periods when they might be less cautious and more vulnerable to clicking on harmful links. This has resulted in a significant spike in phishing activity since the public release of ChatGPT in late 2022. But this is only one dimension of the issue. As businesses adopt cloud computing, smart devices and remote work policies, the surface areas for attacks have grown exponentially since the days when everyone worked in office, on the same network, behind the same firewalls. In fact, it's estimated that global endpoint volumes are growing at 30% annually, vastly expanding the attack surface that needs to be protected. Adding to a perfect storm, the World Economic Forum is also projecting a gap of 85 million skilled cybersecurity workers by 2030. The case for security automation becomes more obvious, but so does the need to train and retain the most skilled and dedicated cybersecurity specialists. Companies must rely on intelligent systems to detect, analyse and respond to threats in real time, and highly skilled professionals who can ensure that strategies remain responsive and that C-suites and workforces are aligned on how to protect their businesses from threats. It's because of this expanding threat landscape that spending on cybersecurity continues to be one of the most resilient IT budget items for chief information officers (CIOs) globally. Even amid economic slowdown, surveys reveal CIOs are least likely to cut their budgets for security and AI because of how business-critical they are. Investing in platforms, not just tools For many companies, using a plethora of separate cybersecurity tools has become unsustainable, because of the sheer complexity and cost. This is why the desire for consolidated security ventures has reached an all-time high. Increasingly, enterprises are consolidating their cybersecurity tools into single, integrated platforms that provide broad protection across multiple vectors of vulnerability. This is a 'best of suite' approach, as opposed to 'best of breed'. This is when a single supplier offers a comprehensive suite of cybersecurity solutions for a set price — and while each solution in the bag might not be the best there is, it reduces complexity and cost. Platform-based players like Palo Alto Networks and CrowdStrike are emerging as leaders in this space. Their ability to scale and streamline a collection of security solutions makes them compelling long-term investments. At Ashburton, we prefer this platform-based model and have re-engaged with the sector during recent pullbacks, recognising that short-term market volatility can create great entry points into robust secular growth stories. A two trillion dollar opportunity The current global cybersecurity vended market is about $250-billion (R4.5-trillion), but McKinsey estimates that the total addressable market could be as much as $2 trillion (R35-trillion) over time as new customer needs emerge and vendors scale their offerings. For investors, this represents a long runway for value creation — especially as regulation increases and cyber resilience becomes a boardroom priority. In a world where policy shocks and political upheaval can send markets reeling, secular trends like cybersecurity and AI offer a rare source of clarity, predictability and long-term opportunity for patient investors. These industries may not be immune to volatility, and they are still going through their infancy growing pains, but their overall direction looks quite certain. For long-term investors, these trends are not just compelling — they are essential opportunities for the long run. DM
The Herald
11-06-2025
- The Herald
South African macadamia farmers eye Asian markets after US tariff jolt
International Business Machines Corp (NYSE: IBM) is 25.66% higher on its value in year-to-date trading and has touched a low of $166.81 and a high of $273.47 in the current 52-week trading range. The question becomes, what are the chances the stock will continue to grow shareholders' wealth in the market. Here's what analysts think will happen to its price in the coming time. The IBM stock was last observed hovering at around $272.08 in the last trading session, with the day's gains setting it 4.16%. Currently trading at $276.24, the stock is 4.58% and 10.47% above its SMA20 and SMA50 respectively. However, with a daily trading volume of 3.98 million and changing 1.53% at the moment leaves the stock 17.97% off its SMA200. IBM registered 64.23% gain for a year compared to 6-month gain of 17.67%. The firm has a 50-day simple moving average (SMA 50) of $250.0566 and a 200-day simple moving average (SMA200) of $234.15945. The stock witnessed a 10.85% loss in the last 1 month and extending the period to 3 months gives it a 10.96%, and is 4.16% up over the last 5 days. If we measure the stock's price variations over the week and the month, we find that the volatility rates stand at 0.45% over the week and 1.29% over the month. International Business Machines Corp (IBM) has around 293400 employees, a market worth around $256.74B and $62.83B in sales. Current P/E ratio is 47.52 and Fwd P/E is 23.76. Profit margin for the company is 8.71%. Distance from 52-week low is 65.60% and 1.01% from its 52-week high. The company has generated returns on investments over the last 12 months (6.36%). with sales reaching $16.58B over the same EPS is expected to grow by 5.84% this year, but quarterly earnings will post 5.54% year-over-year. Quarterly sales are estimated to grow 5.15% in year-over-year returns. International Business Machines Corp (IBM) Top Institutional Holders 4006.0 institutions hold shares in International Business Machines Corp (IBM), with institutional investors hold 65.34% of the company's shares. The shares outstanding are 929.40M, and float is at 928.43M with Short Float at 2.29%. Institutions hold 65.26% of the Float. The top institutional shareholder in the company is VANGUARD GROUP INC with over 89.13 million shares valued at $15.42 billion. The investor's holdings represent 9.6855% of the IBM Shares outstanding. As of 2024-06-30, the second largest holder is BLACKROCK INC. with 75.37 million shares valued at $13.04 billion to account for 8.1898 of the shares outstanding. The other top investors are STATE STREET CORP which holds 54.47 million shares representing 5.9189% and valued at over $9.42 billion, while GEODE CAPITAL MANAGEMENT, LLC holds 2.2303 of the shares totaling 20.53 million with a market value of $3.54 billion. International Business Machines Corp (IBM) Insider Activity The most recent transaction is an insider sale by Thomas Robert David, the company's Senior Vice President. SEC filings show that Thomas Robert David sold 26,543 shares of the company's common stock on Mar 03 '25 at a price of $253.01 per share for a total of $6.72 million. Following the sale, the insider now owns 45007.0 shares. Still, SEC filings show that on Feb 28 '25, FARR DAVID N (Director) acquired 1,200 shares at an average price of $249.00 for $0.3 million. The insider now directly holds 8,258 shares of International Business Machines Corp (IBM).
The Citizen
10-06-2025
- The Citizen
Limpopo e-learning app secures R1m investment
LIMPOPO – What began as a dream between two childhood best friends from Gumbani village outside Malamulele has become a national success story. Marvel Shimbambu and Malungelo Mathonsi, co-founders of the e-learning app Novar, have secured a R1 million investment from Liberty to support the next phase of their growing platform. The journey started with determination and humble beginnings. With no formal training, facilities, or funding, the duo purchased a second-hand computer for R700 and taught themselves to code using YouTube tutorials. Their vision was simple but powerful: to improve access to quality education in under-resourced communities. The result was Novar, a free, interactive e-learning app that offers curriculum-aligned content, virtual learning tools, and information about bursaries. Since its launch, the app has been downloaded more than 50 000 times, empowering learners across South Africa. Their story gained widespread attention when social media content creator Austin Macaskill shared it on his platform, @coolstorybru_za, sparking national admiration and support. Global tech company IBM has taken note, enrolling the Novar founders in its prestigious Enterprise Development Class of 2025. Through this programme, Marvel and Malungelo will receive expert mentorship, technical support, and access to IBM's global innovation network to help scale their platform. In a significant show of support, Liberty's head of business efficiencies and sustainable impact, Amelia Beattie, announced a R1 million investment into Novar. This funding will help the team enhance their platform and expand their impact. Communications and Digital Technologies Minister Solly Malatsi praised both Liberty and IBM for their support of the young innovators. 'The backing from IBM and Liberty shows the transformative power of investing in home-grown talent. It sets a standard for the private sector. By adopting a whole-of-society approach, we can bring together government, industry, and communities to turn brilliant ideas into sustainable businesses,' said Minister Malatsi. 'This aligns with our vision for South Africa's digital future, ensuring young innovators from all corners of the country have the opportunity to thrive.' Back in Gumbani, the local community is celebrating the success of its young trailblazers. Community leader and activist Bishop Baloyi praised the pair for their dedication and discipline. 'These boys are a shining example to the youth of our village,' said Baloyi. 'We urge the government to install broadband and internet infrastructure in rural areas. Our young people are full of potential, but they need the tools to grow. What these two have done is groundbreaking; they defied the odds and are now helping to build a better future.' At Caxton, we employ humans to generate daily fresh news, not AI intervention. Happy reading!
