Nothing focuses business leaders on Business Continuity (BC) and Disaster Recovery (DR) measures more than a natural disaster. Given record-breaking events such as Tropical Storms Harvey and Irma, the heightened attention is understandable. When surge currents lap at your door, the need for urgent, immediate response hits businesses in the face like hurricane-force winds.
Consider this lead from a Wall Street Journal account of the gale: “Companies and organizations in the Houston area are scrambling to ride out Tropical Storm Harvey by maintaining around-the-clock oversight of information technology systems — in some cases outfitting technology hubs with sleeping cots — while shifting key business applications to the cloud and closely monitoring the status of the power grid and online providers.”
But what if the swelling, murky waters weren’t so obvious? What if instead of radar images of looming, swirling clouds, the rains of business disaster were invisible? Detectable only after seeping into your infrastructure to cause catastrophic damage?
Ransomware is like that. A cyber-disaster threatening your business continuity that, if you wait until you see it to act, your actions will be too late.
Indeed, the incidence of ransomware in the U.S. is rising like a flood, which may not move as fast as Harvey’s torrents but is no less relentless.
“The first six months of 2017 have seen an evolution of ransomware producing more viral variants unleashed by state-sponsored actors and cybercriminals,” Josh Ray, managing director at Accenture Security, told Information Management magazine in an interview about his organization’s 2017 Cyber Threatscape Report. “Our findings confirm that a new bar has been set for cybersecurity teams across all industries to defend their assets in the coming months.”
Ransomware attacks are like hurricanes, too. Forecasters know they’re coming but can’t make accurate predictions about where they will land and whom they will damage most. For example, Locky, an “especially elusive and destructive” variant of ransomware hadn’t been seen in cyber circles for nearly 18 months. Yet, in mid-August, two new Locky strains, Diablo and Lukitus, emerged, per Data Breach TODAY.
So, how do you prepare for a cyber-disaster you can’t see coming? Accenture Security’s Ray believes solid BC planning is the key. Here are three “effective components” for a BC plan Ray shared with Information Management:
- Adopt proactive prevention -- “Recognize phishing scams through prevention training and awareness programs,” Ray counsels. “Make it easy for employees to report fraudulent e-mails quickly, and keep testing internally to prove the training is working.”
- Elevate e-mail controls -- “Maintain strong spam filters and authentication,” he recommends. “Scan incoming and outgoing e-mails to detect threats and filter executable files.”
- Insulate your infrastructure – “Remove or limit local workstation admin rights,” he advises, as well as “Regularly patch operating systems and applications.”
And as we always advocate on these topics, don’t go it alone. Consider using an IT Managed Services Provider (MSP) to assure your computing environment is as secure and protected as possible.