Companies from a variety of industries are unexpectedly hit every day by unassuming cyberattacks. This can often, and understandably, throw them into a state of panic, says Miri Marciano, Director at the consultancy Boston Consulting Group.
In December last year The Guardian’s headquarters were hit by a ransomware attack which forced its employees to work elsewhere, also affecting the company’s technology infrastructure with IT staff needing to focus on system restoration, this then had multiple impacts on the business as a whole. When something unexpected like this happens, it can be hard to determine suitable next steps whilst simultaneously keeping a business running. The consequences of an attack mean your business could face huge disruption and damage – so investing in recovery is a no brainer for those that intend to survive in this tricky cyber threat terrain. Often these attacks are completely unexpected.
Cyber continues to be an evolving threat that is hard to get ahead of but creating awareness and not being naïve will certainly help to minimise the aftereffects. Businesses need to be more prepared and plan to implement specialist teams in this area. To help in this, governments need to be on hand to provide valuable guidelines, resources, address the skill shortage and promote cyber hygiene compliance processes. They should also be prepared to stand in the attackers’ way including by disrupting their capabilities and their business model. In the past couple of years, there have been numerous changes in the way we live, work and socialise. The shift from office work to working from anywhere was accelerated by the pandemic which in turn accelerated collaboration across the globe and migration to the cloud. This presented a larger attack surface area with more opportunities to attack organisations. In addition, the war between Russia and Ukraine disrupted the world order and increased the attacks with the aim of disruption, carried out by countries or terror groups under geopolitical motivation. Also, an unstable economy created an atmosphere of crisis which motivated attackers.
These three factors are just a few that have made it difficult for businesses to implement safety precautions. Though it is encouraging that a lot of research is conducted in this space, a constant feed of information on the newest cyberattacks and skills is needed for businesses as the landscape changes day in, day out. As the world continues to change, it is also interesting to see how new digital platforms are being developed and where the risks will manifest themselves as new doors are opened and new tools are given to attackers.
Relieving pressure on employees
Businesses must allocate more money to dedicated cyber teams and seek professionals with leading cyber skills. To fulfil protection, detection and response needs, some businesses will turn to Managed Security Service Providers (MSSPs) and will incorporate automated technologies where possible to be more efficient. In terms of the types of attacks themselves, ransomware will be the most common villain that disrupts businesses this year and it is unfortunately becoming more destructive as time goes on. Businesses should stay vigilant, alert, and aware about upcoming trends.
Always be prepared
We know attacks can break down barriers, obtain sensitive information and cause huge amounts of damage so it’s obviously essential that recovery plans are devised in case a threat materialises. Providing training courses and awareness programs for all staff is invaluable. By implementing safety precautions, a business can future proof itself and be as ready and as resilient as possible in the face of unforeseen challenges. Preparation is absolutely key for companies to stand any chance of outsmarting cyberattacks.
The continuous evolution and unpredictable nature of cyberthreats means constant vigilance and preparation are key for a speedy recovery. Businesses will find it hard to entirely avoid the cat and mouse chase so they should instead embrace becoming skilled players in order to deal with the bad actors.
