Losing your business data or email can have catastrophic consequences. Resilience is the key to managing this risk.
As we approach the second half of the year, the rate of attacks on businesses in the form of ransomware is still increasing.
A new organisation will fall victim to ransomware every 14 seconds in 2019, and every 11 seconds by 2021.
(Source: Cyber Security Ventures)
Business owners, Boards and Executives should all take note – this is a topic that you should be discussing in your meetings. If you are not aware of a cyber-resilience plan in your organisation, it is highly likely that you don’t have one.
What is ransomware?
The most striking trait of this type of malware is the speed at which your organisation can fall victim to an attack like this – it all happens incredibly fast. Once a single machine is infected, the malware can spread just as fast through your company network, bringing workstations, network drives, your email and ultimately your business to a screeching halt.
By implementing comprehensive yet simple controls and preparing for the worst, your business can become more resilient than most of your competitors. In many cases, this is the key to ensuring that you can survive such an attack.
Case Study – Design Files destroyed
Project – Complex development requiring thousands of engineering drawings.
Scenario – Company A commissioned Company B to produce design drawings for a new development, requiring months of work and design reviews.
Impact – All design files were encrypted less than 72 hours before the final project deadline. Company A is no longer able to meet their deadlines for completing the development. Company B no longer has some of the required files.
What Happened?
- Company B routinely visited the offices of Company A and used a USB drive was used to transfer their files over to the server of Company A, via a standalone computer.
- Company A had a data link in place to copy the files to their head office.
- Company B’s USB drive dropped an infected file onto the standalone machine, one week before submission deadline, encrypting the local machine and the attached server.
- Company A notifies IT department who unplug the machine from the network.
- Company A realises that their backups haven’t run correctly since February 2019, with two months of design files destroyed.
Could this have been prevented?
The short answer is YES – this attack could have been prevented.
Attacks of this nature are so widespread, that we need to ask many more questions. Some of the questions you should ask yourself are:
- Has our business got a plan to put into action for an incident like this?
- Are all of our employees aware of such a plan?
- How much revenue can our business afford to lose if nobody can work?
How can BIG help?
Our team will skip the jargon and discuss with you and your stakeholders in language that is relevant to running your business.
BIG will support you to have an informed conversation with your CISO, CTO and other technology leaders.
Regardless of budget, there are steps you can take today to secure your business.
Book your complimentary assessment today
We are very pleased to be able to offer an exclusive assessment to qualifying businesses here in the UAE. Fill out the form below and one of our team will contact you within 24 hours to see how we can help you.