“Cybersecurity is a board-level responsibility, and board members should be specifically asking about ransomware,” says guidance from the National Cyber Security Centre (NCSC).
Ransomware attacks are continually evolving, becoming more frequent, sophisticated and targeted. Businesses face a wide range of threats to important assets, with skilled hackers targeting computer systems, networks and people. To succeed, CEOs need to ensure that their business is prepared for a ransomware attack and knows how to react should the worst happen.
In this blog, we cover everything you need to know about ransomware including three key questions that CEOs need to ask the tech experts following a recent article from the UK’s NCSC.
The basics about ransomware
- Ransomware is a type of malware that prevents you from accessing your computer or any information stored on it. Often the data is encrypted, preventing you from using it.
- Most ransomware attacks impact more than one device. Cybercriminals are now affecting entire networks, rendering workforces unable to continue business as usual.
- Businesses will incur a certain amount of downtime and potentially be forced to pay large sums of money to recover critical services. If you pay the ransom, there is no guarantee that you will get access to your computer, or your files.
- These events can be damaging to your reputation, depending on how high profile the attack is. Many cybercriminals threaten to release the sensitive information they have stolen if the ransom isn’t paid.
Statistics
- The latest UK government survey found that almost half of all UK businesses, and 65% of medium-sized businesses, were hit by a cyber attack.
- UK government research also states that there is a global shortage of cyber security professionals, with 54% of UK businesses reporting that they lack the internal skills needed to keep threats at bay.
- Research by Verizon found that 71% of breaches are financially motivated and 56% of these took months or longer to discover.
What CEOs need to ask the tech experts about ransomware
Q1. How would we know if/when an incident has occurred?
One of the main reasons hackers are becoming more successful is their ability to remain within your IT network without being detected. It is of the utmost importance that you identify any unauthorised access to systems as early as possible.
CEOs need to consider the following:
- When do you get informed of an incident?
- Do you have monitoring in place for all critical assets (for example, personal data) that would impact your business if compromised, lost or changed?
- Do you have staff able to identify and examine malicious activity?
- How do your employees report an incident? Do you have a process in place to manage the attack?
- Have you set thresholds and if so, do you have the correct alerts set?
- Do you have a list of all your IT assets? Many breaches take place due to unknown equipment.
Q2. What measures do we need to take to reduce the damage an attacker can do to our network?
Attackers aim to encrypt as much information as possible. CEOs need to understand what they can do to slow down or stop a ransomware attack rapidly spreading through their IT systems.
CEOs need to consider the following:
- Do you have two-factor authentication enabled? You need to ensure that your systems are hard to access and that only the relevant people have access to the necessary systems.
- Do you have monitoring in place to identify if your business has been compromised?
- Is your network segmented, or would the attacker have access to the entire estate?
Q3. Do we have a disaster recovery plan for cyber-attack incidents?
The NCSC blog post states that “Organisations should think in terms of ‘when’ rather than ‘if’ they experience a significant cyber incident.”
With the increase in cyber-crime, businesses now need to ensure that they have a disaster recovery plan in place should the worst happen.
CEOs need to consider the following:
- Who is part of the incident response team? The main contacts should include senior management, PR, HR and in some cases legal and insurance providers.
- Do you have a defined process for escalations, including who’s responsible at each stage? You may also need an in-hours and out-of-hours process.
- Do you have a process that includes regulatory requirements? This will ensure that you know when and how to report the incident.
Next Steps
Businesses face a wide range of threats to important assets, with skilled hackers targeting computer systems, networks and people. The protection of your business’s confidential and sensitive information is vital. If your business, like so many others, is looking at ways to secure your IT systems to help mitigate a ransomware attack, contact one of our security experts today.
Cyber Security Checklist
To raise awareness of the importance of securing your IT systems, we have created a Cyber Security Checklist to help you get an understanding of your cyber security risk.