With the holiday season in full swing, should CIOs be taking a break?
At the core of the ransomware business model is the old adage “hit them where it hurts”. For businesses, that means data.
Now, cyber criminals are taking it a step further: hit them when it hurts. That means critical moments in time, such as the mega sales events with Black Friday and Cyber Monday shopping frenzies for retailers or the peak travel periods for airlines. It also means holidays, such as Christmas and year-end getaways, when virtually every organisation will have fewer staff on hand to detect and mitigate an attack, creating the perfect cyber storm for almost any business.
In the run-up to the holiday season, when employees are spending time with families and friends, malicious cyber actors aren’t making the same holiday plans. In fact, this is an attractive timeframe that provides a head start for cyber criminals conducting network exploitation, as they cash in on the opportunity to steal data and disrupt services.
No end in sight for ransomware
Ransomware has become a growing concern for businesses in Singapore, with the number of cases rising by 54% between 2020 and 2021. To mitigate this growing threat, the government has set up an inter-agency ransomware taskforce to shore up counter-ransomware efforts.
Cyber criminals are taking advantage of poor cybersecurity practices and IT staff shortages to conduct increasingly impactful attacks. These include introducing threats that can automatically avoid detection and deploying double extortion tactics, in which they not only encrypt the data but also steal it and threaten to leak or sell it to further encourage payment of the ransom. As such, it is timely for CIOs to set up their own “task force” and consider the key steps that they can take right now to strengthen their ransomware resiliency and stay vigilant against threats at all times, including during the holiday season.
1. Adopting a zero-trust approach
Zero trust is the latest cybersecurity marketing buzzword, but it’s not simply a product or service—it’s a strategy and mindset. It offers protection on all fronts – not just at the network perimeter but within the network itself. It encompasses strong identity and access management controls and secure hardware to help prevent unauthorised access.
Users, devices, infrastructure and data are continuously monitored and validated. The micro-segmentation of the network’s security perimeters and the deployment of the “principle of least privilege” to provide users access only on a need-to-know basis are key to minimising the spread and impact of malware attacks.
Adopting a zero trust strategy requires an organisation-wide commitment that takes time, but we can start now with zero-trust training for employees to instil a healthy scepticism that could prevent phishing and other threats that lead to ransomware.
For instance, employees can practise good cyber hygiene by not clicking on suspicious links. This training is also a great time to remind employees to strengthen their passwords and use multi-factor authentication. That way, even if a hacker gains access to passwords, they would need a unique code to infiltrate your IT system.
2. Deploying autonomous data management solutions
Ransomware attacks are getting more sophisticated and increasing in frequency, as the technical capabilities of cyber criminals reach new heights with greater automation levels. To stay ahead of the malicious actors, organisations can deploy autonomous data management solutions to proactively defend against threats by combining automation with advanced artificial intelligence (AI).
By harnessing the power of AI, machine learning (ML) and hyper-automation, autonomous data management will help to simplify tasks, and reduce cost and operational burden while increasing protection efficiency with little or no human intervention – freeing up time for IT staff to focus on more strategic activities.
Enhanced security is achieved with active detection capabilities and automated malware scanning that works in conjunction with AI-driven, near-real-time anomaly detection, to keep data safe and compliant.
In this cat-and-mouse game where cyber criminals are getting savvier, organisations need to leverage AI and ML technologies to secure IT infrastructures across multi-cloud environments and protect data with tools that are continually learning and improving all on their own – to be more efficient and effective. In addition, autonomous data management helps to optimise storage and management of data. This allows for an effective archive of massive data volumes while gathering productive business insights to make intelligent decisions in response to the myriad challenges faced by organisations.
3. If you fail to plan, plan to fail
Create a ransomware response plan that covers the who, what, when, where and why for using your backups to stay up and running in the event of a ransomware attack. Back up your data on a regular basis and keep at least one copy of the backup online to ensure data and applications can be restored quickly and seamlessly across business networks and operating systems.
If your backup and recovery provider offers AI, ensure your organisation is updated with the very latest, so your backup and recovery happens autonomously and adapts to changes in your environment, especially when IT staff are out of the office.
Make sure your response plan specifically outlines how these factors change for holidays and weekends. Then test it and test it again. An organisation’s resiliency plan is only as good as its last test, as testing helps to reveal cracks and vulnerabilities that otherwise would never have been discovered. Regular fire drills will help the IT team to shorten the threat response time with a clear understanding of their roles and responsibilities and enhance their ability to recover from a real cyber incident.
Turning the tide
Cyber felons are on a constant hunt to capitalise on the security vulnerabilities and distractions arising from the holiday season. CIOs and their taskforce should act now by diligently adopting best practices and autonomous data management technologies to manage the cyber threats, or risk having a holiday season that turns sour.
Andy Ng is the vice president and managing director for Asia South and Pacific Region at Veritas Technologies