Lockdown encouraged all businesses to deploy and rotate quickly, moving at an incredibly fast pace to maintain a healthy workforce and create a work environment that fosters productivity. From the adoption of virtual meeting tools like video conferencing to cloud document storage, the focus has been on setting up and running daily business, which can have a setup cost behind cybersecurity. About the Author John Chambers is the Director of IT Services, Communication, Workplace, Business Process and Applications at Ricoh UK. At Ricoh, we've seen increased use of ransomware, and it's clear that cybercriminals have used this moment of turmoil to their advantage. From stories dominating the news, like the Ryanair data breach and the Honda ransomware attack, to malicious reporting links. Cybercriminals are targeting businesses from all angles at an exponential rate. So how can you protect your business, especially when you plan to return to the office? At Ricoh, we believe that a people-centric approach to cybersecurity is essential for companies looking to make their businesses more secure. A fully equipped employee base to protect against cybercrime is the front-line defense that can give your IT teams more time to combat larger attacks in the future. This article will examine the ways you can equip your employees and IT teams with the right technology to defend your business and the emergency plans and processes that can help protect your business during your transition to the office.
The impact of ransomware on all types of organizations
In early 2020, it had corporate and data center security measures protecting office locations. If remote workers could be involved, they would certainly be in the minority of any company. These days, your business likely has hundreds of unofficial offices with a significantly smaller security perimeter designed for home routers or hubs, both of which are a much more accessible entry point for would-be attackers. This weakening of the defense perimeter, coupled with an increase in phishing emails and links to malicious news sites floating around the web, puts your business at risk. An employee simply clicks the wrong link, and a cybercriminal deploys malware on their work device, before quickly spreading throughout the organization's system and ceasing operations. Ransomware can not only prevent your business from continuing, locking you down, reducing productivity, and costing you more money than you can imagine, it can also have an impact on your future business. Clients want to know that their information is secure, that the projects they work for are secure, and that their valuable data is protected. A ransomware attack can not only lead to the loss of existing customers, but also the loss of future customers by damaging your reputation. The effects can be devastating and long-lasting, and given the uncertainty in the business world, this is not a risk or cost we can bear. What can you do to protect your business?
Protect a business from ransomware disaster
At Ricoh, we firmly believe that people make IT work, which is why IT must be people-oriented. According to the Cyber Security Survey, 63% of disruptive breaches were discovered by employees, not technology. An alarming statistic that in the UK we spent €4 billion on cybersecurity last year. Traditional companies tend to take a preemptive perimeter approach which, while important, may not be as effective as it could be. As such, the use of innovative and disruptive technologies is a great way to increase the number of threats detected by technology rather than by your employees. The first thing any business should do is review their posture and think about how they can respond to an attack at this time. All businesses need to make sure they have two lines of defense. The first is identification and protection. These are technologies like email scanners, DNS blockers, firewalls, and sand blockers, and they act as your outer perimeter to protect you from incoming attacks. However, it is the second line of defense that is crucial, and is often overlooked or seen as an afterthought. The second line of defense must be technology that detects, responds and recovers. When it comes to cyber attacks and ransomware, there is a critical gap between when ransomware infects the system and when it is noticed. The earlier it is detected, the more you can save and the less likely you are to lose. Remember that malware can start encrypting 8-10,000 files per minute once on a system, so time is of the essence. As such, companies must invest in technology that can notify them immediately if their initial cyber perimeter is breached, shortening the time between infection and detection. It's not enough to build a firewall and hope nothing happens. You should be alerted immediately if there is a problem with your defenses and if malware has infected your system.
Evaluation of the digital experience and its cybersecurity
Another way of looking at it is this. The first line of defense protects your employees from phishing links and opening attachments against suspicious senders. The second line of defense gives your business the power to act quickly, ensuring that you are not dependent on your staff to notify you of strange and unusual events; but is there another step you should include? The answer is yes. A recent study found that 66% of remote workers had not received cybersecurity training in the past year. The same study also found that 60% of employees use personal devices to connect to business applications. These statistics, along with the rise in cyberattacks, show how important it is to make your cybersecurity approach people-centric. An organization made up of educated and knowledgeable employees is certainly safer, and while training is an investment of time and money, what it could potentially save you pales in comparison. As such, investing in cybersecurity, from the technology your business uses to the training you provide, is more important than ever, because our defenses are more exposed than they are. never been. The rapid digital transformation of daily activities that I mentioned above may seem like a disruption to you. However, this should be seen as an opportunity to increase your defense and protection, as criminals see it as an opportunity to attack you. In the end, it would be best to take this time to look at what you currently have available and use it to identify areas where it is lacking.