Security breaches are an ongoing threat in the digital landscape. The impact they pose on a data-driven business can be catastrophic. Being able to access sensitive personal or corporate data, compromise it, and take parts of your business offline while it is being held to ransom, is something that no organisation can afford to experience.
With organisations of all sizes now embracing an always-on approach to data, renewed attention should be placed on keeping that data safe. Ransomware incidents, data breaches, attacks, and so on are a daily threat and continue to make headline news. The reality is that these attacks can happen against any business, in any industry, at any geographic location.
From small startups to large multinationals, no company can consider itself safe – not one is ever 100% secure.
The recent City Power Johannesburg ransomware attack has put the spotlight on what measures must be taken by South African businesses to mitigate the risks associated to data being available and accessible on a variety of platforms.
New technology, old tricks
It is inevitable that as companies move into an online environment and become increasingly cloud-based, the security requirements will be quite different from traditional ones that are easier to lock down. As attacks continue to evolve and target connected devices as entry points into the data network, the cyber security approach must adapt accordingly.
The reality is that there is no single solution that can secure every entry point into the business and protect against every piece of malware that is out there. Instead, businesses need to view this as an ongoing process to manage data and its security in the connected world with a variety of solutions and processes.
Organisations are struggling to effectively counteract the threat posed by ransomware; many simply don’t have the right defences in place, but sometimes even the basics haven’t been covered.
For example, organisations I have engaged with still haven’t informed staff about malware within e-mails and clicking links they aren’t familiar with. Others haven’t educated staff on how to recognise the social engineering tactics taken by attackers, whereby the victim is tricked into clicking accept or giving the attacker physical access to a device.
Cybercrime: An industry in its own right
The cybercrime industry has become extremely lucrative. Ransomware attacks are still growing in volume for a simple reason – they work and generate significant revenues for the attackers. In the past, attacks generally tended to focus on damaging systems or defacing corporate websites. However, as data has become the lifeblood of any organisation irrespective the industry, company size, or geographic location, the financial benefits of holding files to ransom or selling information to competitors have become too good to pass up on.
This has resulted in the need to adopt security that better aligns to data governance and compliance, with the EU General Data Protection Regulation (GDPR) and the Protection of Personal Information Act (POPIA) going a long way to bring these concerns to the most senior leaders in a business. Plans should encompass the auditability of, and the access to data, as well as how quickly the business can recover when disaster strikes, and then notifying victims if their data has been affected.
Being available means a business cannot afford to lose access to its data. The disruption it can cause impacts not only the financial bottom-line but also the reputation of the company. A business therefore requires a robust security strategy that reflects the need to continually test its disaster recovery measures and examines the impact on productivity when there is downtime.
Solutions need to be put in place to ensure the ‘disaster recovery playbook’ of the business is up to date and reflective of the needs of an always on society. The breadth and depth of recent ransomware attacks alone demonstrate how adept adversaries are at exploiting security gaps and vulnerabilities across devices and networks for maximum impact. The 2019 Veeam Cloud Data Management report found that 73% of organisations admit to not being able to meet users’ demands for uninterrupted access to data and services, costing the typical company almost R300 million annually. This astounding figure highlights the devastating effect business downtime can have on productivity, competitiveness and consumer confidence.
Working with data availability specialists that have a trusted partner network in place, can go great strides in combating the scourge of cybercrime. The security solutions that are put in place need to scale according to the needs of the business. It incorporates disaster recovery, business continuity, cybersecurity, and other elements designed to put safeguards in place dedicated on ensuringavailability.
Some of the more innovative solutions out there, include features that provide a form of copy data management, enabling enterprises to use replicated operations data for development and testing. For example, this can be done to test recovery speed, security resilience or to develop new business processes, applications and systems. It also means companies can test patches before they are rolled out across the business environment on an exact copy of operational or production data. This will help determine whether the patches are effective or whether they affect other processes, without impacting the business’ operations.
Adhering to the Veeam 3-2-1 rule will also reduce the impact of a ransomware attack being successful. It recommends that organisations make three copies of all data; that they store those copies in two different environments, such as on-premise and in the cloud, and that they keep one backup copy offsite to keep it safe from any environmental issues. But, time and time again we see human error as the entry point for ransomware and businesses must educate their staff on the hazards posed by seemingly innocent emails, or social engineering tactics. A simple one-hour training session for staff will educate employees on best practices and can minimise a ransomware threat significantly.
All told, the available business of today requires equally a combination of cybersecurity solutions that adapt to the changing risk landscape as a first line of attack, and a comprehensive cloud data management platform as the rear guard, focused on maintaining the integrity of and access to corporate data, even when disaster strikes.Share this article via: