BlackBerry SVP on post-WannaCry Cybersecurity: Start with the endpoints
To help organisations outsmart DDoS, ransomware, and other methods of hacking, the first thing the IT department should do is to understand the cybersecurity risks associated with not implementing secure solutions.
To protect themselves against WannaCry or any other type of attack, it’s critical that organisations prepare ahead of time. Otherwise, once the system has been infected, there is no realistic way to decrypt all the data without paying the ransom – and even that’s no guarantee.
Once the risks are understood, the second thing organisations need to do is to put in place processes to prevent attacks occurring in the future, in particular ensuring that OS and virus definitions are kept up-to-date. Nearly all complex systems have security vulnerabilities, and many are found months, years or even decades after the software is first released. For example, WannaCry was a specific leveraging of vulnerability called EternalBlue, which was specifically within the Windows operating system. In order to fix the leak, Microsoft patched a critical security update in March 2016. Therefore, IT administrators should ensure that all Windows machines on the network receive the appropriate patch update.
It’s also essential to back up critical data in a separate location. Ransomware operates on the assumption that companies don’t have data backups; if you do, you can simply restore the data and get back up and running. What makes WannaCry unique is that it’s a self-replicating worm, meaning that it automatically tries to spread to other computers on the same network. Businesses should ensure the backups are properly isolated, either by segmenting the network or using a cloud backup solution. Secure file-sharing solutions offer both options and can help businesses protect files across all major desktop and mobile endpoints.
The expanding number of intelligent connections and endpoints within an enterprise are also exponentially accelerating organisations’ vulnerability. Now, data breaches and cybersecurity threats are some of the biggest roadblocks for enterprises. It is, however, more important than ever that businesses are able to confidentially and reliably transmit sensitive data between endpoints to keep people, information and goods safe. As such, businesses need to secure their network of endpoints rather than focusing on securing their network of computers.
In order to secure the network of endpoints, organisations need greater simplicity and integration in order to deter threats, and rather than pulling together a patchwork of components and products from different vendors, they must rely on highly trusted suppliers that offer security solutions to meet all their needs. These suppliers should provide an innovative and unified end-to-end solution for the secure management of all endpoints within an organisation.
Finally, in addition to hardening IT infrastructure against intrusion, companies must not forget the importance of education. To prevent vulnerabilities, organisations should educate their employees on security, which regularly proves to be an easy thing to forget.
The more an employee knows about securing their devices, the less at risk they are of experiencing a cyberattack.
Florian Bienvenu is SVP, EMEA, at BlackBerry