Tag Archives: cyber breach

Cybersecurity, Data, Data & Analytics, Digital Transformation, Tech, Technology, Thought Leadership

Data Resilience and Protection in the Ransomware Age

By Sam Woodcock, Director of Cloud Strategy and Enablement at 11:11 Systems

Data is the currency of every business today, but it is under significant threat. As companies rapidly collect and store data, it is driving a need to adopt multi-cloud solutions to store and protect it. At the same time, ransomware attacks are increasing in frequency and sophistication. This is supported by Rapid7’s Ransomware Radar Report 2024 which states, “The first half of 2024 has witnessed a substantial evolution in the ransomware ecosystem, underscoring significant shifts in attack methodologies, victimology, and cybercriminal tactics.”

Against this backdrop, companies must have a data resilience plan in place which incorporates four key facets: data backup, data recovery, data freedom and data security.

Ransomware is Just Business

With ransomware being a low-risk, high-reward opportunity for criminals, as it requires little effort to access sensitive information and demand ransom, it is becoming an attractive career choice for some. It is on this basis that ransomware has evolved into a fully-fledged business with more operations starting up every week.  This is also fuelled by the increasing popularity of Ransomware-as-a-Service, a model where sophisticated threat actors develop and sell ransomware platforms to other threat actors.

With this rise in threat actors targeting businesses today, IT security can no longer be a problem for IT teams alone. Every decision is a commercial decision and will carry risk. And every person within an organisation has an important role in being the first line of defence and protecting a company from a breach.

From Passwords to Exploits

People make mistakes, and this makes them an attractive target for most threat actors. According to Mimecast over 70% of cyber breaches in 2023 were caused by human error. Advanced phishing attacks are more convincing than ever, making it harder for employees to distinguish between real and fake emails. It only requires a quick click of the button by a stressed, tired or disgruntled employee for threat access to gain a password that gives full access to the organisation’s data.

As such, while employees must be adequately trained to avoid falling victim to these phishing or ransomware attacks, this is merely the first step to improving a company’s security. However, it requires further security measures to be put in place to protect the organisation and its data.

Testing, Testing

Backups are considered the primary way to recover from a breach, but is this enough to ensure that the organisation will be up and running with minimal impact? Testing is a critical component to ensuring that a company can recover after a breach and provides valuable insight into the steps that the company will need to take to recover from a variety of scenarios. Unfortunately, many organisations implement measures to recover but fail on the last step of their resilience approach, namely testing. Without this step, they cannot know if their recovery strategy is effective.

Testing is a critical component as it provides valuable insight into the steps it needs to take to recover, what works, and what areas it needs to focus on for the recovery process, the amount of time it will take to recover the files and more. Without this, companies will not know what processes to follow to restore data following a breach, as well as timelines to recovery. Equally, they will not know if they have backed up their data correctly before an attack if they have not performed adequate testing.

Although many IT teams are stretched and struggle to find the time to do regular testing, it is possible to automate the testing process to ensure that it occurs frequently.  These tools will also provide a realistic view of how resilient the environment is to threats and provide a host of scenarios that could impact the business, helping to prepare for almost any incident.

From testing to reality

While some organisations are surprised that they have been breached, according to Sophos, 83% of organisations that experienced a breach had observable warning signs beforehand and ignored the canary in the coal mine. Further, 70% of breaches were successful and threat actors encrypted the data of the organisation to prevent access to it.

However, as threat actors aren’t using enterprise-grade tools to gain access to data, enterprises are effectively at an advantage if they test and retest regularly, and back up their data effectively. A good guideline for this is the 3-2-1 rule, which states that there should be at least three copies of the data, stored on two different types of storage media, and one copy should be kept offsite in a remote location. Businesses also stand to benefit from partnering with an organisation that can protect the network to defend against threats and has the expertise to help them to recover from an attack.

Cybersecurity, News

Guy Lloyd: The ugly truth – the real cost of cyber breaches to SMEs

Cyber security preparedness is more than a nice to have, an SME’s survival can depend on it. Guy Lloyd at CySure explains why.

Small and medium sized enterprises (SMEs) rarely trigger national headlines for breaches in data security and compliance, not because they aren’t a target but because the monetary impact is small compared to the big corporations. However, breaches are all too common and the while the cost of cyber breaches to SMEs, including the impact to business operations, remediation work and resultant fines, may not run into millions, it can do untold damage. SMEs are agile and lean in their business operations, and so unbudgeted costs can severely impact finances.

Such is the concern about the UK economy’s resilience to cyber attacks that the UK Government recently commissioned a study[i] to analyse the cost of cyber breaches. It found that organisations are being hampered from managing and mitigating cyber risks by a lack of transparency, awareness and understanding of the costs. UK businesses tend to overlook indirect and long-term costs when assessing the impact of a cyber breach. This leaves organisations woefully unprepared for the financial impact, which in the most extreme cases, can spell an end to the business. SME’s in particular are most likely to underestimate the costly impact from non-compliance with cyber security breach-related laws and regulations, therefore leaving them unprepared for any potential fines.

Bumper year for cyber crime

The Coronavirus pandemic has provided cyber criminals with a fertile ground to execute scams and reap a bounty of riches. Attacks designed to steal valuable company and customer information have skyrocketed in 2020. Interpol[ii] reported that in a four-month period some 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs, all related to COVID-19 were detected. With many of us working/schooling from home, our concentration levels have been tested to the max. When under pressure and distracted it is easy to click on a phishing email or unknowingly visit a scam website. The rush to remote working has opened up opportunities for hackers and any company with lax security measures makes easy pickings.

Work smarter, not harder

In today’s GDPR world no company can afford to be naïve or negligent about regulatory compliance. Cyber Essentials is the UK Government-backed scheme that aims to help organisations protect themselves against common cyber threats. It offers organisations a way to demonstrate to customers and suppliers a commitment towards cyber security and data protection by achieving an accredited and registered certification standard. It lays the foundation to developing policies and procedures to mitigate against threats that can impact business operations.

Getting started can seem daunting but achieving certification doesn’t have to be. Using an online compliance risk management system that incorporates GDPR and Cyber Essentials Plus is a simple and cost-effective way to achieve certification. SMEs should look for a solution that can guide them through a gap analysis to highlight the business areas to focus on.

Cyber security doesn’t need to be complex, costly or confusing. A low cost, simple set of actions as defined in Cyber Essentials can go a long way to protect against common attacks.

Preparedness in uncertain times

Business confidence comes from understanding the risks involved and the knowledge that should the worse happen it is possible to keep calm and carry on. Being certified with a creditable scheme delivers the assurance that SMEs can demonstrate their commitment and attention to bolstering cyber defences.

Uncertain times can hit when we least expect but the benefit of certification through with help from an information security management system (ISMS) is knowing your business is prepared. Now more than ever we should be celebrating business resilience and preparedness.

[i] Analysis of the full cost of cyber security breaches Report
[ii] Interpol report shows alarming rate of cyberattacks during COVID-19