Individuals must be the focus of ransomware resilience, says Chris Huggett, Senior Vice President, UK and India, Sungard Availability Services.
Ransomware is one of the biggest cyberthreats organisations in the UK face. Entering into an organisation’s network by targeting individual users, it uses intense psychological pressure and exploits human error to gain access to IT systems and/or data.
According to Cybersecurity Ventures’ 2019 report, the volume of ransomware attacks is on the rise, with businesses predicted to fall victim to an attack every 11 seconds by 2021. How far back an organisation’s backups go is becoming increasingly crucial too. Sources of threat data (Cisco, Verizon, etc) highlight how breaches can happen in mere minutes, but do not present themselves immediately, instead laying undetected for hundreds of days, and taking weeks to contain and remediate once discovered.
As well as being an effective tool for cybercriminals to extort money and cause business disruption, the ability for ransomware to exploit individuals on a psychological level has enabled it to become a major source of disruption. While WannaCry and NotPetya rose to notoriety for their widespread impact on a number of multinational companies, the more covert impact of ransomware can often be the detrimental effect on the people at the frontline of an attack.
The personal impact
While feelings of guilt and responsibility may plague the end-user unknowingly deceived into creating an exploit, a similar or even higher level of stress is likely to be felt by a public-facing executive who must answer to a disgruntled customer base in response to a data breach or service outage. In fact, recent research has revealed that over half (54 percent) of C-level executives in the UK have suffered from stress-related illnesses and/or damage to their mental well-being as the result of a technology crisis. Not only does this highlight how intrinsically linked senior executives are to their company’s resilience today, but it also suggests the extent to which they feel personally responsible.
To ensure operations and employees can contend with the threat of ransomware, resilience must start at an individual level, and permeate through every layer of an organisation. To execute their roles to the best of their abilities, the C-suite needs the help and support to build responses in times of disruption effectively. This includes making all staff aware and prepared for the types of risks that can lead to crises.
Creating an open culture
Organisations must also establish a business-wide culture of vigilance and openness in order to combat the more pernicious effects of ransomware. Ransomware works best when the individuals it targets are isolated, therefore solid communication structures and openness among staff are important tools for combatting it. Emphasising mutual protection not only leads to less of a burden being placed on individuals; it is also important for protecting the bottom line. UK businesses suffer an average loss of £1.4m annually due to downtime, while almost half (48 percent) of C-level executives state their company’s technology expenditure had increased following a crisis.
Organisations must take steps to minimise risk and develop the ability to adapt to disruptive events as well. The availability, security and agility of business IT operations must be a priority. Organisations that are most resilient to ransomware have departed from the traditional tactics employed for unique physical assets. The only certain way of preventing digital business assets from becoming ransom prisoners is by taking advantage of the features that data and IT systems offer. A unique physical asset exists only in one place. Therefore, it can be held to ransom. If there are copies, back-ups available or alternative ways of accessing the asset (ie. by relying on decentralised cloud solutions), the ransom becomes far less powerful. At the tactical level, a Business Impact Analysis (BIA) can help determine which systems need what kind of protection, and how much downtime and data loss a company can afford.
For organisations executing a digital transformation strategy, every step must be evaluated for potential risks. A company must have the right tools and strategies in place, along with the technological know-how to weather various IT storms. Crucially, however, businesses must ensure staff have the support and understanding necessary to remain resilient in a crisis. By building a culture of openness and mutual respect, companies will not only sustain a healthy working environment, but will help staff (and therefore the business itself) quickly respond and adapt in times of disruption.
