Lessons Learned: With sophisticated cyber and ransomware attacks on the rise, don't lose sight of the basics

We’ve witnessed a growing trend with hundreds of companies around the world falling victim to ransomware attacks. Hackers have targeted everyone from schools to grocery store chains to health care providers. The Colonial Pipeline incident demonstrated how these attacks can cause significant disruptions for businesses, customers, and even society at large.

As the former CEO of IBM, I know how important it is for companies to protect their systems and their customers’ data. Companies need to constantly raise the bar on taking preemptive action to address cybersecurity rather than waiting until it is too late. This lesson should be applied by governments and businesses in every industry, not just tech.

Most discussions about cybersecurity assume that the victims have succumbed to sophisticated government attacks and hackers. But that isn’t always the case. Many of the issues are caused by a failure to keep up with the basics.

The key to cybersecurity is to be proactive. Here are the three lessons everyone should keep in mind to protect their businesses/networks.

1.Keep revisiting the basics

For as sophisticated a problem as cybersecurity is, it is often an individual mistake that opens the door. Therefore, it is critical that you are routinely training your teams and reviewing access.

Most people already focus on the basics while they’re at work. Now, they need to think about it while at home, and their family members, too. Hybrid work environments have blurred the lines between the home and office, and the lines between work and personal technology.

Identity access — controlling who can access what, and granting access permission — is a constant issue. People coming and going from jobs, and sharing passwords in the process, is the number one way to create a situation — either intentionally or accidentally — that allows for bad actors to gain access to your network.

2. Accelerate the use of AI in Cybersecurity

Artificial Intelligence can be used to help spot the early warning signs of bad actors and prevent them from spreading trouble. AI can fill the gaps when there isn’t enough human training and capacity to address the issue. New talent pools can also be opened to you, when AI is used to help new employees do their cyber job.

Most times, you won’t see that your company’s network is infected, even though it could have happened a year in advance. It’s too complex for the human mind to do, and even too complex to write a program that can identify the issue. But AI can connect the unrelated dots and allow you to see early patterns.?

Our future is not man versus machine, but man with machine. You must fight tech with tech.

3. Put your effort into recovery and resilience?

Once you’ve revisited the basics to protect your network and adopted tools like AI to help you identify threats early, the next best thing you can do is have a plan to get back up and running as fast as possible.?And, be sure your plan has actually been tested.

Think about it like germs in your body. Good hygiene can limit your risk of getting sick. But if you do come down with the flu, what’s important is trying to stop it from turning into pneumonia. Early detection helps improve your odds of recovery.

For example, one common mistake people make on resiliency basics is failing to properly segment their network. If you have a flat network, something bad can easily move across the whole company. Network segmentation is like pruning a sick branch before it has a chance to infect the whole tree.

The best way to respond to a ransomware attack is to stop it from happening in the first place. By consistently revisiting the basics, accelerating the use of AI to supplement your security, and putting your effort into recovery and resilience, governments and businesses will be better prepared to resist potential cyber threats.