The digital economy faces a new kind of threat: digital pirates. The perpetrators release malicious software that cripples access to data, locks up the enterprise and holds its data for ransom. A single vulnerable port is all ransomware needs to self-propagate within an organisation’s system and restrict the access of the user by encrypting the most sensitive data files.
Ransomware attacks have their own malicious agendas, including stealing corporate data, sabotaging business initiatives, violating privacy rights, transferring funds from bank accounts, attacking servers and cracking passwords, among others. In recent times, many organisations have faced serious attacks and have often found it difficult to regain access to data.
Such attacks have taught us hard lessons:
- Organisations of all sizes are equally vulnerable
- The strength of an organisation’s grid is only as strong as its weakest port or personnel
- The success of an organisation’s security lies in its ability to devise an integrated approach that involves people, processes and technologies
- Secure software programs aside, an organisation must have strong cyber resilience policies
While many major antivirus software providers now claim that their products have been upgraded to combat such viruses or strains, the onus lies on an enterprise to stay vigilant and be resilient. Organisations also need to look at cyber resilience holistically from the viewpoint of its Business Continuity Planning (BCP) policy.
Here are a few controls that you could implement to be cyber resilient:
Maintain a high degree of data integrity
Data quality should be non-negotiable and enterprises can mitigate risks arising from poor quality of data by:
- Staying compliant to all the provisions of 21 CFR Part 11
- Encouraging stakeholders, including vendors and customers, to adhere to defined data integrity policies
- Evaluating internal controls through systemic internal audits and recommending solutions periodically to bridge gaps
- Providing role-based access to relevant stakeholders and assessing their organisational behaviour
- Setting up efficient back-up and recovery procedures
- Conducting periodic data cleansing activities to minimise negative impact on financials and analysis
Establish a strong business continuity and disaster recovery plan
To withstand the occurrence of any attacks, organisations should create a comprehensive recovery plan that can:
- Identify intellectual property and sensitive data
- Understand acceptable downtime for each critical function
- Identify time-sensitive business activities against their output prioritisation
- Analyse identified potential risks and their implications on business functions
Look beyond technology
Enterprises should also look at vulnerabilities beyond technology, and set up policies to secure their intellectual property and critical processes across the value chain and other key business information to safeguard against cyber-attacks. Some basic hygiene includes the following:
- Bring in strong policies and controls (for example, restricted VPN access to a vital few) after evaluating the risk of remote access to your network by people accessing your systems remotely, such as employees, contractors and suppliers.
- Deploy a team of ethical hackers to secure all assets that are prone to cyber attacks
- Create constant awareness around security risks and breaches at all levels in the enterprise through constant learning and evaluations at regular periods
- Secure patents – including corporate classified assets that are proprietary, which should be listed, classified, valuated and prioritised as Intellectual Property
- Have restricted access monitored for real-time for breaches as well as have a policy for removal/deletion of IP
- Require people beyond employees (i.e. partners, independent contractors, suppliers) to sign Non-Disclosure Agreements with clearly defined terms, such as penalty, damages, legal consequences before accessing the Intellectual Property
- Ensure advanced security tools/suites are in place to help track/locate sensitive documents should data loss occur.
Organisations need to be proactive before a cyberattack strikes. The key is to detect an attack early and investigate swiftly. To mitigate risk and improve response time, organisations must consider all risk factors, and work closely with both internal and external stakeholders to stem any potential attacks. Enterprises could also partner with forensic cybersecurity providers to proactively avert threats.
In the coming years, the connected economy will provide digital pirates with even more avenues to launch bolder attacks. The only way companies will be able to stanch these attacks will be to stay a few steps ahead, and never let their guard down.
- Harsh Vinayak outlines bot security in this two-part series. Read Part I and Part II.
- Find out how we helped CarePoint Health adopt strategic backup and disaster recovery solutions.
Post Date: 25/01/2018