What do Colonial Pipeline, ACER, and Accenture have in common? They each had the misfortune of creating global news headlines, as some of 2021’s highest profile ransomware attack cases.
Not alone they were in fact among 66% of organisations who were hit by such an attack, an increase of 29% from the previous year according to Forbes.
Whilst these are huge companies, a cyberattack can happen to any organisation no matter the size or industry. Just because you have a small or medium sized business it does not mean that you are immune, indeed recent statistics show that the threat to such businesses is becoming greater.
With these crimes having ever increasing reach and sophistication business owners are waking up to the threat. This is demonstrated by a surge in cyber security programmes alongside the hiring of C-level security focused stakeholders such as Chief Information Security Officers (CISO) who aim to deliver a resilient cyber security strategy.
When it comes to a cyberattack, it is no longer a matter of if but when. If you have not started to look at your defences, now is the time.
Here we outline three ways to build up your cyber resilience to effectively protect your business when an attack happens. By doing so it will recover quickly with minimal downtime and its reputation and finances intact.
1. Establish full visibility of your critical assets and infrastructures
When it comes to preparing a robust cybersecurity strategy you first must identify which data, systems, applications, and workloads are critical for business operations. It will be these that are most vulnerable and therefore most likely to be a target.
Focus on protecting these vital assets with a clear map to identify them, how they relate to your overall IT infrastructure and then use a weighting system to rank the importance of each to business continuity.
From there you can begin to work out any gaps in security and what you need to implement to fill these gaps and protect against any incidents/breaches.
This is also a key step in defining who/what has access to data along with who holds responsibilities for it. You can then start to put rigorous access management controls into place to limit the risk of any potential attacks or breaches.
2. Cyber defences
A proactive cyber defence allows you to anticipate all manner of cyberattacks before they happen, and not just ransomware.
Look to implement a Security Information and Event Management (SIEM) system. This provides real-time threat detection and a swift response by identifying network activities that are suspicious or which deviate from the norm. It also provides compliance reports and audits.
Couple this with security authorisation, automation, and response (SOAR) technology for automated incident identification and response.
Brightsolid Managed Detection and Response (MDR) offers this two-pronged approach using its expert team of cyber security engineers and analysts, along with industry leading Microsoft Sentinel and Microsoft 365 Defender to monitor and manage your assets and prioritise alerts 24/7 to minimise incidents.
This solution is the perfect choice if you do not have a dedicated cybersecurity team or limited resources.
3. Backup and recovery
Increasingly backup systems are becoming a target for ransomware attacks as once attacked they seriously compromise your business continuity. Making it more likely that you would pay a ransom should such a situation arise.
It is vital therefore that your business no matter the size, has a comprehensive backup and recovery plan. Failure to implement a recovery plan can result in critical data loss and profound consequences including bankruptcy and business closure. At a minimum an average data breach can cost a business in the region of £8460.
The solution is a multi-layered defence to ensure that should a breach or incident occur your business remains operational with minimal downtime. Consider immutable backups for your critical workloads, data, systems, and operations, this prevents the deletion or modification of any data you back up to the cloud.
It is one of the comprehensive risk prevention strategies available with Brightsolid Back up as a Service (BaaS) solution designed to give you peace of mind that your data defence, backup and recovery are equipped to face todays threats.
Now is the time to act
Don’t bury your head in the sand and put your business at risk, start your journey towards cyber resilience by getting in touch with the team here at Brightsolid. Together we will design solutions which fit your needs and leave you safe in the knowledge that you are prepared for any eventuality.