Solution Provider IDs Five Proactive Steps CIOs Can Take Now
NEW YORK, September 12, 2016 – Ransomware, which holds business data hostage until a fee is paid, has taken a sharp upturn this year. In fact, a recent industry study found that nearly half of all U.S. businesses have experienced at least one ransomware attack in the past year alone. While organizations wrestle with the ever-pressing issue of whether to pay or not to pay if they’re victimized, Logicalis US, an international IT solutions and managed services provider (www.us.logicalis.com), suggests CXOs focus first on how to protect, thwart and recover from a potential attack before developing a pay or don’t-pay policy.
“Ransomware has become one of the most sophisticated criminal enterprises the world has ever seen,” says Ron Temske, Vice President, Security Solutions, Logicalis US. “As anyone in the business of cybersecurity knows, we’ve long battled those who simply wanted to create chaos and disruption. We’ve seen nation states attack both military and civilian targets and ‘hacktivists’ who act for various social causes. But ransomware is different in one key way: It’s all about the money. Ransomware is a business, complete with sophisticated cybercrime-as-a-service offerings and world-class customer support to ensure its victims’ files are returned expeditiously once the ransom is paid. It’s a service business approaching $1 billion in annual revenue, something that would be heralded as an accomplishment if it weren’t based on such nefarious principles. The business of ransomware has even spawned a network of affiliates that provide redirection of an exploit kit for a cut of the profits.”
Five Ways to Respond to the Threat from Ransomware
To be ready for an attack before it happens, to detect and stop it while it’s happening, or to recover from it after it happens takes planning. To help, Logicalis’ security experts have compiled a list of the top five ways to respond to the threat ransomware poses today.
- Create a Modern Defense: Traditional signature-based anti-virus solutions are good to have, but they aren’t up to the job of thwarting a sophisticated ransomware attack. Neither is your traditional stateful firewall. As a result, it is critically important to plan for the possibility of an attack by developing comprehensive visibility and access to extensive details on how the malware entered the organization’s environment in the first place. IT pros who are serious about heading ransomware off at the pass should focus intently on modern next-generation anti-malware and firewall solutions that can stop an attack before it starts.
- Take an Architectural Approach: In some limited situations, point solutions can be effective, but not with ransomware. The most effective way to address the threat posed by ransomware and other pervasive cyberattacks is to take a holistic architectural approach to security that encompasses the entire network including its systems and endpoints as well as the organization’s cloud and mobile strategies. Because so many of today’s threats are automated, solutions that rely on human intervention to detect and respond are neither affordable nor effective, making automation and orchestration key principals in a solid security architecture design.
- Prevent the Spread of Malware: If an attacker’s malware does enter the network, it has the ability to spread like a fast-moving cold among passengers on an airplane. The key at this stage is to compartmentalize data using network micro-segmentation strategies that make it more difficult for malware to spread laterally within the environment.
- Plan Your Recovery: The unfortunate truth is, despite the security industry’s best efforts, no organization is entirely immune to attack. Therefore, it’s critical to examine how the organization will recover if it is breached. First, be sure you’re backing up. Second, test, test and re-test the backup and restore process; a backup is only valuable if the data can actually be restored when it’s needed. It’s also important to ensure that the restore can be done at the system level since file-based recovery may not be enough. Consider, too, how much redundancy is required; if the organization is hit, do you have an uncorrupted source from which you can immediately recover? And be sure to weigh the costs of various solutions against the cost of potential loss or downtime – not all data is equally valuable, which means not all data needs the same level of protection.
- Create a Pay or No-Pay Policy: Finally, the big question: To pay or not to pay? No vertical market is having a tougher time facing this question than healthcare is today; whether it’s critical patient-care data that hackers hold hostage or the threat of hefty regulatory fines imposed when protected patient health information (PHI) is breached, healthcare organizations have become prime targets for ransomware attacks. Before any organization – healthcare or otherwise – pays a ransom, however, Temske suggests examining how much damage will be done if you don’t pay. Do you have an uncompromised data backup from which you can restore? What is the cost to restore vs. pay – both monetarily and in terms of the business’ ability to function in the meantime? Ultimately, the decision comes down to how business-critical the compromised data is to the organization. If you do decide to pay, Temske has one word of advice: “Negotiate. In most cases, you can talk the price down, so it may make sense to consider not paying the first amount offered.”
Logicalis is an international multi-skilled solution provider providing digital enablement services to help customers harness digital technology and innovative services to deliver powerful business outcomes.
Our customers cross industries and geographical regions; our focus is to engage in the dynamics of our customers’ vertical markets including financial services, TMT (telecommunications, media and technology), education, healthcare, retail, government, manufacturing and professional services, and to apply the skills of our 4,000 employees in modernizing key digital pillars, data center and cloud services, security and network infrastructure, workspace communications and collaboration, data and information strategies, and IT operation modernization.
We are the advocates for our customers for some of the world’s leading technology companies including Cisco, HPE, IBM, NetApp, Microsoft, VMware and ServiceNow.
The Logicalis Group has annualized revenues of over $1.5 billion from operations in Europe, North America, Latin America and Asia Pacific. It is a division of Datatec Limited, listed on the Johannesburg Stock Exchange and the AIM market of the LSE, with revenues of over $6.5 billion.
For more information, visit www.us.logicalis.com.