By the end of 2021, it is projected that ransomware will have cost businesses in excess of $20 Billion, and this is expected to rise to $265 Billion by 2031. It’s not only large, affluent companies hat are affected, either. Smaller companies that might hold valuable data are often easier to penetrate and extort. As more and more business move online, regardless of size, they have a responsibility to create a safe environment for their staff and customers and protect shareholder value.
“Attacks need to execute and run before they are picked up and checked to see if they are malicious, sometimes taking as long as 60 seconds or more, which is too long to wait. Organisations need to invest in solutions that use technology such as deep learning which can deliver a sub-20 millisecond response time to stop a ransomware attack, pre-execution, before it can take hold.”
Deep Instinct
Security research firm Deep Instinct found that a shocking 99% of the people they approached in a survey admitted that they did not feel fully secure at all of their access points. An unspecified number expressed concern that they did not have enough qualified security and operations staff in place to mitigate the risk of a hack. There is a growing sense that companies and organisations of all sizes should adopt a ‘security first’ approach and respond much more quickly to the signs of a breach.
Here is a list of the bare minimum preparation that many security professionals believe should be put in place:
- Adopt adequate technical safeguards including firewalls, anti-virus software, access controls.
- Invest in other non-tech safeguards such as cybersecurity insurance
- Comply with ISO and other industry standards, so you can effectively ‘tick off’ vulnerability boxes and understand what technical safeguards are required for your business and, where appropriate, your client’s business.
- Don’t leave preparation for a ransomware attack to someone else, set up an incident response plan and always test your plan based on the worst-case scenario.
- Identify the right / lead supervisory data protection authority to handle a potential data breach.
- Know where you’d go for legal advice, and ask for some in advance, to ensure you have adequate contractual safeguards and internal policies.
- Build your SeCoPs’s team skills (even if that team has just one member — you), and ensure you have the right resources and solutions to hand.
Source: ContractorUK
Informed Sauce is hosting an Infinidat-sponsored event in London on 2 December about protecting businesses from cyber crime.
Short talks from the Metropolitan Police, a military-trained cyber threat expert and sponsor Infinidat’s EMEA Field CTO will be followed by a panel-led, room-wide moderated discussion, with plenty of opportunities for you to contribute your thoughts and ask questions.
Visit the event microsite for more details and to sign up.