With businesses coming under increasing threat of cyber attacks and ransomware, we caught up with Core’s head of cyber security Alec Jackson to find out what businesses can do to protect themselves.
What is the biggest cyber risk to businesses today
We are seeing far too many ordinary businesses being caught out by ransomware attacks. There is a lot of talk about this kind of thing and unfortunately it isn’t just a headline, it is really happening and stopping lots of small and medium sized businesses from operating for days or even weeks. Some never get going again. It’s a shame because it is very simple to mitigate and recover from with the right security and systems.
Can anything be done to help a business that has suffered a ransomware attack?
Yes and no. Yes, we can go in and retrieve what we can and get things up and running as quickly as possible. It takes time but it is achievable, and data may be lost in the process. So, when people ask me if we can just sort it out, the answer is that we can get them back online and help them make the best of the situation but there may be an interruption to their services whilst we are working to do that. What usually happens when we are called in to help with a ransomware attack is that we work hard to resolve the immediate emergency first before working with the company to put measures in place to protect their business from falling victim in the future. If we work with a client before they have an attack, we can help to reduce the risk of this happening in the first place with appropriate backup, recovery and business continuance systems.
Have you ever managed to help a company overcome a big cyber attack?
Not so long ago we were approached by a company with over 300 employees that had fallen victim to a ransomware attack. They lost access to all their emails systems so they couldn’t send or receive anything. We spent a full day on site establishing the extent of the problem and another couple of days carrying our remediation work. By the end of day three everything was back up and running. We then upgraded their security and worked with them to establish policies and systems to reduce the risk of this happening again.
Are there other things that can stop a business from operating?
Power outages can cause real problems with IT systems and we have worked with some of our clients to make sure they have backup power supplies on site so that their IT systems operate even when the power is turned off, with an even flow of power to protect the equipment.
A thorough business continuity plan can help organisations keep going no matter what happens, even if there is a major power outage, flood or a fire.
What exactly is business continuity planning?
It’s very simple really – it’s about making sure your business can carry on doing its day to day work even if something happens to disrupt that, whether it’s a cyber attack, a power cut or other unexpected event. The financial and reputational loss that can occur if a business has to stop operating even for a few days is huge, so it really does pay to spend a bit of time reviewing business processes and putting the right systems and software in place.
If a business has updated its anti-virus software recently is that enough?
Software needs to be kept up to date if it is going to do its job properly, which is why we carry out regular security updates to make sure the latest patches are installed on all our customers’ systems. New threats are always emerging and the patches create a barrier to those.
What one piece of advice would you give to businesses that are worried about cyber crime?
Take it seriously and make sure you have good security in place that is well managed to keep it up to date. Even if it requires some investment, the alternative will be far more costly.