Recent ransomware incidents have made global headlines, with a wave of unprecedented attacks infecting companies worldwide. Many middle market companies assume they are not a target for cyberattacks and are too small to interest hackers, but the opposite is actually true. The ransomware threat, in particular, is very real, and the risk is more prevalent for smaller companies than for larger organisations because of differences in the depth of resources and security education.
WHAT SHOULD YOU BE CONSIDERING IN ADDRESSING THIS RISK?
1. Analyse your strengths and weaknesses
Organisations of every industry and size are likely to possess information that is valuable to a hacker. Inventory your sensitive information and understand who has access to it, including employees and vendors. Understand the reputational and financial impacts to your organisation if this information were exploited. Ensure the proper controls are in place to secure sensitive data.
2. Security awareness
Many employees become unknowing contributors when they do something as innocent and simple as clicking a link in an email message that appears to come from an internal team member or an outside vendor, and thereby activate a malware attack. Cybercriminals are becoming increasingly crafty in the techniques they use to break into networks. An educated staff is your best defence. A security awareness programme helps employees understand ransomware and other cybersecurity risks, what to look for and how to respond. The programme should be continuous and updated to include new threats, tested with regular social engineering exercises, and engaging enough to ensure widespread user adoption.
3. Patch management
The next line of defence against cybersecurity risks is to prevent infection should a user click on a malicious link. Symantec data recently found that 75 percent of breaches leverage exploits for which a patch is already available, and 78 percent of scanned websites exhibited known vulnerabilities. Therefore, your organisation should develop a comprehensive inventory of the systems and applications in your environment, as well as a programme to identify, prioritise and apply software patches. Be sure to consider applications such as Microsoft Office, Flash and Java in addition to operating systems and antivirus programs.
4. System backups
Unfortunately, hackers and their methods are becoming increasingly sophisticated, and harmful emails and websites can look very legitimate. You must be prepared with a robust data backup programme to recover from a ransomware attack if it happens to you. A comprehensive programme includes data mapping to identify what data exists and where it lives, ensuring that backups are complete and kept offline from the network, and regular, comprehensive testing to confirm the data can actually be restored.
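The restore-testing part of that programme is the step most often skipped, so here is an added example (not Commuserv's own tooling) of the check it calls for: record a SHA-256 manifest of the data at backup time, then compare a restored copy against that manifest and report anything missing or altered. The directory layout and file contents are constructed inline for the demonstration; in practice the manifest would be stored alongside the offline backup and the restore would come from the backup media.

```python
"""Backup restore verification (added example, not from the original page).

Builds a SHA-256 manifest of a constructed source tree, then checks a
restored copy against it and reports files that are missing or corrupted.
All paths and file contents below are hypothetical sample data.
"""
from __future__ import annotations

import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large backups do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict[str, str]:
    """Map each relative file path under root to its SHA-256 digest.

    This is what you record at backup time; it is the ground truth that a
    later restore test is measured against.
    """
    manifest: dict[str, str] = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            manifest[p.relative_to(root).as_posix()] = sha256_file(p)
    return manifest


def verify_restore(manifest: dict[str, str], restored: Path) -> dict[str, list[str]]:
    """Compare a restored tree against the manifest taken at backup time.

    Returns three lists: files that match, files absent from the restore,
    and files present but with a different hash (truncated or tampered).
    """
    result: dict[str, list[str]] = {"ok": [], "missing": [], "corrupted": []}
    for rel, digest in manifest.items():
        target = restored / rel
        if not target.is_file():
            result["missing"].append(rel)
        elif sha256_file(target) != digest:
            result["corrupted"].append(rel)
        else:
            result["ok"].append(rel)
    return result


def demo() -> dict[str, list[str]]:
    """Constructed scenario: three files backed up; on restore one is lost
    and one comes back altered. A real restore test would point `restored`
    at data pulled back from the offline backup media."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "source"
        restored = Path(tmp) / "restored"

        # Sample data standing in for the live file share (constructed).
        (src / "finance").mkdir(parents=True)
        (src / "finance" / "ledger.csv").write_bytes(b"date,amount\n2024-01-01,100\n")
        (src / "hr.txt").write_bytes(b"staff list")
        (src / "readme.txt").write_bytes(b"hello")
        manifest = build_manifest(src)

        # Simulated restore: ledger intact, hr.txt altered, readme.txt never restored.
        (restored / "finance").mkdir(parents=True)
        (restored / "finance" / "ledger.csv").write_bytes(b"date,amount\n2024-01-01,100\n")
        (restored / "hr.txt").write_bytes(b"staff list (changed)")

        return verify_restore(manifest, restored)


if __name__ == "__main__":
    for status, files in demo().items():
        print(f"{status}: {files}")
```

Run it as a script to see the three categories printed; in a scheduled restore test, any non-empty "missing" or "corrupted" list should fail the job and raise an alert, since a backup that cannot be restored in full is exactly the gap a ransomware incident will expose.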
5. Make cybersecurity assessment a continuous process
Every time a network changes, there is the possibility of introducing new risks to systems. Adding a router, replacing a server or implementing new software can create vulnerabilities for cybercriminals to exploit. We recommend periodic risk assessments to identify areas of weakness, developing incident response plans, and keeping those plans current by revisiting the risk assessment whenever the network changes. When an incident occurs, it is important to go back and re-evaluate why a particular risk was missed or why the breach occurred. Cybersecurity assessment should be a continuous learning cycle.
We would be pleased to discuss further the potential risks around cybersecurity, and, if appropriate, to introduce Commuserv’s dedicated IT and cybersecurity team to assist.