Cyber Security without Cyber Preparedness is a crazy risk
David Leng
Managing Director at Winovate Partners Ltd change management consultancy, portfolio Chairman and Non Executive Director working with businesses that are changing.
Board Priorities
I suspect you are spending quite a chunk of money on anti-virus software and firewalls. I am sure that you are concerned about training your staff not to click on “threat” emails. You may have even gone so far as to roll out some training to staff and even done some penetration testing where you have tried to tempt your staff into clicking on to something they should have recognised as malignant.
It’s important that you do try to try to keep the ransomware and other threats out but (and here is the big but) they will get in!
You and your board need a fundamental mind shift switch – assume the bad guys will get in and work on what can you do to mitigate. The adage of “hope for the best (antivirus) and plan for the worst (ransomware attack)” is the right approach.
Would you travel on a ship with no life jackets?
In a presentation at the RSA Conference 2020, Joel DeCapua, a supervisory special agent with the FBI's Global Operations and Targeting Unit,?revealed?that organizations paid $144.35 million in bitcoin to ransomware groups between 2013 and 2019. The data doesn't include ransom payments in cryptocurrencies other than BTC. Of those payments, $61.26 million were sent to the Ryuk gang. These are the known payments -there are many more unknown. Many companies don’t pay the ransom and recover but no one is adding up the consequential loss costs to the “survivors”
Since May 21 alone
Risk is accelerating
According to Kasperski in 2020 During the year, 10.18% of Internet user computers worldwide experienced at least one Malware-class attack and attempted infections by malware designed to steal money via online access to bank accounts were logged on the devices of 668,619 of their users alone.
The money that the bad guys are spending to innovate ahead of the antivirus sellers is huge. In 2020 Kasperski identified more than 26,700 ransomware modifications and detected 21 new families. Note that they did not create a separate family for each new piece of ransomware. Most threats of this type were assigned the generic verdict, which they give to new and unknown samples.
You should be thinking about a “black hat” day with your operations teams to think about when the call comes at 4pm on a Sunday to say “we are infected and starting to shut down the operation” what happens next and who is leading the recovery.
领英推荐
Things to think about
Communications internal and external – Who? How? What? When? Do you have alternative email, web site hosting, mobile phone numbers, is the VOIC down?
Recovery plan – recovery partners, timings and resource allocation, critical steps?
Backups – availability and useability and testing?
Order to cash cycle impediments – lack of cash will kill you – where is the risk?
Impact on suppliers and customers – lack of both will kill you -where is the risk?
Can you introduce a critical control network (CCN) to air gap the manufacturing network from the office network?
Have you checked that you have insurance and that you are complying with the conditions of that insurance?
Plus, a host of other practical things that I guarantee your I.T. team will never have discussed with your operations until the call.
Get some help with the unusual
We can help you move from unconscious incompetence to conscious competence. Give me a call and buy a life jacket. We can’t stop you from being attacked but we can help you manage some of the fall out.
David Leng – Winovate Partners Ltd 07710027644
David successfully led the Customade group through the recovery of an RYUK ?ransomware attack in Jan 2020 and has a wealth of practical experience in operational risk prevention.