Cyber Security Roles and Responsibilities for the Board of Directors
Expert insights from Roisin Cahill, Head of Managed Service, IT Force. This blog has been written exclusively for IoD Ireland members.
The internet has transformed the world. It allows us to communicate instantly with people anywhere and has changed how we do business on a daily basis. However, this increased connectivity has also introduced new threats to your business, and among the most alarming of those dangers is ransomware.
The recent attacks on the Irish health service show that it is no longer just an IT issue. The effects of a ransomware attack impact an organisation across several facets from lost productivity, data loss, downtime and reduced customer confidence.
So, what exactly is a ransomware attack? Ransomware is malicious software that, once it gains a foothold on one of your internet-connected devices (most commonly through a phishing email, stolen or weak remote-access credentials, or an unpatched system), encrypts your files so that you are locked out of them and then demands a monetary ransom in return for the key to unlock them. In this article, we are going to provide you with a practical guide to the role of directors in fighting ransomware.
Any business or organisation can be debilitated by a ransomware attack. Once this rogue software successfully enters one of your systems, it can spread quickly and easily to other computers and devices on the same network, and your entire organisation may be forced to grind to a halt. In fact, large organisations might be even more at risk than smaller ones, as there are simply more entry points through which malware can enter. Moreover, at many large entities there is an increased level of bureaucracy, which may slow down the response to an incursion into computer systems.
Nor is this an issue that you can spend days thinking about. In a modern attack the files are encrypted as soon as the malware runs, and the ransom note then carries a deadline, sometimes as little as 24 hours, after which the attackers threaten to raise the price, delete the decryption key or publish what they have taken. Furthermore, many of these attacks steal the data before encrypting it, meaning that the personal details of customers and employees could be sold on the internet to conduct various frauds. This is in addition to the risk of company secrets being leaked, reducing your competitive advantage.
Losses may also include fines, for example under the European Union's GDPR, which penalises companies that do not keep personal data safe. Reputational loss may also be suffered: customers and partners will be less willing to work with you if you are a company that does not take its cyber security seriously. Having adequate IT security is no longer an option, it is a necessity. To use an analogy, it is similar to switching on the alarm in the building when you leave the office for the evening; you simply have to do it.
The most reliable way to avoid having to pay a ransom is to back up your data. The best way to do this is to set up a 'backup regime', meaning that there is a set period and time when the backup will occur, for example once a day or once a week. In this backup regime, you should also note down what kind of data is to be backed up, although it is recommended that you back up everything. Two further points matter: keep enough older copies that you can go back to a point before the infection, which may have been present for days before the files were encrypted, and test restoring from the backup regularly, because a backup that has never been restored is not known to work.
Another very important step is to make sure that the backups cannot be reached, with the same credentials, from the computers they protect. Otherwise there is no point in a backup if it is going to be encrypted or deleted by the same malware. This means keeping a copy offline or in storage that cannot be overwritten once written. Cloud backup services can help in this regard, but note that a cloud folder that automatically syncs from a workstation is not an isolated backup: it will faithfully sync the encrypted versions of your files.
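As an added illustration (not code from IT Force or from the original article), the following Python script, working on constructed sample files, shows the two checks a backup regime needs: a complete copy taken to a separate location with a hash manifest, and a restore test proving the backup is still good after the live copy has been overwritten in the way ransomware would. What a script cannot show is isolation: the `vault` directory here stands in for a store that the live systems cannot write to or delete from.

```python
import hashlib
import json
import shutil
import tarfile
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash one file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def hash_tree(root: Path) -> dict:
    """Map every file under root (relative POSIX path) to its SHA-256."""
    return {p.relative_to(root).as_posix(): sha256_of(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def make_backup(data_dir: Path, backup_dir: Path, label: str) -> tuple:
    """Archive data_dir into backup_dir and write a hash manifest beside it.

    backup_dir stands in for the isolated backup location; in production it
    must be a store the live systems cannot write to or delete from.
    """
    backup_dir.mkdir(parents=True, exist_ok=True)
    archive = backup_dir / f"{label}.tar.gz"
    manifest = backup_dir / f"{label}.manifest.json"
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(data_dir, arcname=".")
    manifest.write_text(json.dumps(hash_tree(data_dir), indent=1))
    return archive, manifest


def verify_restore(archive: Path, manifest: Path, restore_dir: Path) -> bool:
    """Restore into a scratch directory and check every file against the manifest.

    This is the restore test the backup regime should run on a schedule.
    """
    restore_dir.mkdir(parents=True, exist_ok=True)
    with tarfile.open(archive, "r:gz") as tar:
        try:
            tar.extractall(restore_dir, filter="data")  # refuses path traversal; Python 3.12+
        except TypeError:                               # older Python without the filter argument
            tar.extractall(restore_dir)
    return hash_tree(restore_dir) == json.loads(manifest.read_text())


def demo() -> dict:
    """Back up constructed sample data, simulate encryption of the live copy, then restore."""
    root = Path(tempfile.mkdtemp(prefix="backup_demo_"))
    live, vault, scratch = root / "live", root / "vault", root / "restore_test"
    (live / "finance").mkdir(parents=True)
    # Constructed sample data, not real records.
    (live / "finance" / "ledger.csv").write_text("2024-01-02,invoice 1041,1200.00\n")
    (live / "contracts.txt").write_text("Supplier agreement v3\n")

    archive, manifest = make_backup(live, vault, "daily-2024-01-02")
    expected = json.loads(manifest.read_text())

    # Simulate the attack: every live file is overwritten with ciphertext-like junk.
    for p in live.rglob("*"):
        if p.is_file():
            p.write_bytes(b"\xffENCRYPTED\x00" * 8)

    result = {
        "live_intact": hash_tree(live) == expected,                     # False after the attack
        "backup_restores": verify_restore(archive, manifest, scratch),  # True: the vault was untouched
        "files_restored": len(expected),
    }
    shutil.rmtree(root)
    return result


if __name__ == "__main__":
    print(demo())
```

The manifest is what turns "we have a backup" into "we have a backup we can prove is complete and uncorrupted"; a real regime would store the manifest with the archive in the isolated location and run `verify_restore` on every copy, not only the latest one.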
You cannot simply rely on being able to pay the criminals behind the attack. There are many recorded cases where the crypto wallet or bank account of the attackers was closed down, leaving the affected companies unable to unlock their files. You also have to remember that you are dealing with nefarious actors: there is no guarantee that they will hand over a working key, and even a supplied decryption tool may be slow or fail on some files.
You can have the most secure computer system in the world, but if your employees are not educated about the dangers and how to safely use the internet, then breaches will happen much more frequently.
It is recommended that you train all new employees who will have access to your organisation's IT systems, in order to limit the entry of malware. A yearly refresher will also be very beneficial, as the cyber security scene changes fast, with new risks appearing all the time. Someone experienced should run these training sessions; often it will be worthwhile to hire an external computer security expert. There are also free phishing simulation tests which you can run to measure how susceptible your staff are to a phishing attack, and to see whether the training is actually changing behaviour.
Being proactive is a must; you cannot simply go with the flow and hope for the best. Ransomware is a serious threat that affects even the biggest and best-defended organisations every single year. This is why it is essential to have the right policies in place to maintain a high level of protection against malware, and to be able to deal with an incident effectively if one does occur. In addition, you have to invest in competent security measures. In the long term, this will actually save money.
If you want to learn more about this topic, then check out this infographic by IT Force on the top ten guidelines for ransomware protection.