Ransomware: how and why to protect against it
Ransomware looks set to stay, and more variants are emerging every week to wreak havoc on enterprises and individuals alike. As the vicious malware grows increasingly sophisticated and prevalent - even being offered as a service on the dark web - so, too, will organisations continue be attacked and their data will be at risk.
Ransomware, a form of malware that holds a business’s or individual’s data to ransom, can cost hundreds of thousands of rands in ‘ransom’ in order for the data to be made available again. In worse case scenarios - such as with NotPetya, where financial gain appeared to not be the primary objective - data is permanently lost, costing even more in terms of repetitional damage and loss of valuable information. Businesses can no longer afford to take a traditional approach to data security. They have to start developing creative ways to ensure the safety of their company, its data and its people.
How protected are you?
Many organisations assume that if they have network security tools, such as a firewall, in place, that they are adequately protected against ransomware. Unfortunately, this is not always the case. While it is necessary to have network and data security tools in place, these are not fully effective unless they are tested and updated frequently.
Updates ought to be implemented within a business as soon as they are released, and not only in reaction to the latest newsworthy ransomware outbreak. Understandably, installing patches and updates as they are made available isn’t always practical as, typically, operations need to be ceased while these are installed. The concern with scheduling change control to install patches is that organisations are left vulnerable in the time between the patch release and its implementation. This can sometimes take as long as a week, or even more, depending on a business’s change control frequency.
Businesses need to think creatively to install patches as quickly as possible with minimal disruption to daily business. Whether this means staggering the install across the business, scheduling more frequent change control sessions at the least disruptive times, or leveraging sophisticated technology which enables the automatic installation of patches while the business is fully operational, the fact remains that the faster that a business implements an update, the safer they will be.
Automated updates that run in parallel with an organisation’s operations are ideal, but can be expensive. Businesses need to consider what they are willing to spend to keep their data safe, including weighing up what risks they are and are not willing to accept, and adapt their data protection strategy to this.
Why a data security policy matters
Even the most up to date systems, however, are rendered ineffective if they are not tested regularly to ensure that they work as they should. A proper data security policy needs to be implemented which enforces the regular testing of all security tools, measures, procedures and practices. Before compiling a policy, however, businesses need to understand the flow of their data.
Part of any good data security policy is the ability to carry out the necessary procedures when a threat occurs. This is a three-pronged approach. Firstly, the business needs to understand the business’s data flow, to help identify precisely where data is located within a business and to isolate that data when a breach occurs.
Then, the business needs to be able to react quickly and reliably in response to any threat, in order to protect their data. There are tools available which help to identify threats and automatically isolate them, while also encrypting data and storing it centrally to achieve faster data restorations. Automatic multiple backups allow an organisation to go back to a specific point in time to retrieve any data lost, so as to achieve the best possible sameness as prior to the threat. Having a single tool which covers all of this reduces the complexity and helps to more easily manage data flow, data security and data restoration
Lastly, everyone within the business needs to be aware of what steps to follow to protect their data proactively and reactively, and what the consequences are if they do not follow these protocols. When individuals understand the importance of their data, and the requirements for protecting that data, they are better able to do so. This, in fact, may be one of the most important aspects of creating a data security policy - if everyone follows the right steps to protect themselves and the company, risks are drastically reduced.
The reality is that data, today, is a business’s most valuable asset. Boldly speaking, when it comes down to it, every other aspect of a business can be replaced, from the building to its infrastructure to its very staff. Data is irreplaceable, and cybercriminals are cashing in on this weak point. Businesses must be prepared.
Mike Rees, Territory Account Manager for South Africa, Commvault
SAS: Improving the British Army’s decision making with data
SAS’ long-standing relationship with the British Army is built on mutual respect and grounded by a reciprocal understanding of each others’ capabilities, strengths, and weaknesses. Roderick Crawford, VP and Country GM for SAS UKI, states that the company’s thorough grasp of the defence sector makes it an ideal partner for the Army as it undergoes its own digital transformation.
“Major General Jon Cole told us that he wanted to enable better, faster decision-making in order to improve operational efficiency,” he explains. Therefore, SAS’ task was to help the British Army realise the “significant potential” of data through the use of artificial intelligence (AI) to automate tasks and conduct complex analysis.
In 2020, the Army invested in the SAS ‘Viya platform’ as an overture to embarking on its new digital roadmap. The goal was to deliver a new way of working that enabled agility, flexibility, faster deployment, and reduced risk and cost: “SAS put a commercial framework in place to free the Army of limits in terms of their access to our tech capabilities.”
Doing so was important not just in terms of facilitating faster innovation but also, in Crawford’s words, to “connect the unconnected.” This means structuring data in a simultaneously secure and accessible manner for all skill levels, from analysts to data engineers and military commanders. The result is that analytics and decision-making that drives innovation and increases collaboration.
Crawford also highlights the importance of the SAS platform’s open nature, “General Cole was very clear that the Army wanted a way to work with other data and analytics tools such as Python. We allow them to do that, but with improved governance and faster delivery capabilities.”
SAS realises that collaboration is at the heart of a strong partnership and has been closely developing a long-term roadmap with the Army. “Although we're separate organisations, we come together to work effectively as one,” says Crawford. “Companies usually find it very easy to partner with SAS because we're a very open, honest, and people-based business by nature.”
With digital technology itself changing with great regularity, it’s safe to imagine that SAS’ own relationship with the Army will become even closer and more diverse. As SAS assists it in enhancing its operational readiness and providing its commanders with a secure view of key data points, Crawford is certain that the company will have a continually valuable role to play.
“As warfare moves into what we might call ‘the grey-zone’, the need to understand, decide, and act on complex information streams and diverse sources has never been more important. AI, computer vision and natural language processing are technologies that we hope to exploit over the next three to five years in conjunction with the Army.”
Fundamentally, data analytics is a tool for gaining valuable insights and expediting the delivery of outcomes. The goal of the two parties’ partnership, concludes Crawford, will be to reach the point where both access to data and decision-making can be performed qualitatively and in real-time.
“SAS is absolutely delighted to have this relationship with the British Army, and across the MOD. It’s a great privilege to be part of the armed forces covenant.”