Vigilance the key IT Security skill – but can humans master it?
- Ransomware isn’t going anywhere, in fact it is increasing
- Every week brings new examples of known companies being compromised
- Employee awareness is a key part of the defence, but there’s an important role for software that fights “vigilance fatigue”.
In the year of the pandemic, it’s been easy to lose sight of the other recent plague – ransomware.
Seyfarth Shaw’s IT team became aware of the attack as it was unfolding, and managed to quarantine it, but not before a number of systems were encrypted and had to be shut down.
The US head office of Seyfarth said it is “coordinating with the FBI” and “working around the clock to bring our systems back online as quickly and safely as possible.” Source IT News.
Australia’s Spotless Group was attacked last Friday the 9th of October. It deployed business continuity plans to keep delivering services, but the attack was serious enough to notify the Australian Cyber Security Centre and call in external experts to dissect it and ensure a smooth recovery.
These issues highlight two key takeaways
- Ransomware hasn’t hit the mainstream news headlines much this year, but it’s increasing at a concerning rate. Checkpoint produced a report in June that indicated a 50% increase, on average across the countries protected by its security product.
Indeed, as IT News noted, Spotless is just the latest in a string of Australian business entities that have been attacked with ransomware in 2020. Others in the list include Toll Group, Lion, BlueScope and Regis Healthcare.
- Vigilance is a key IT skill that can be encouraged through IT Security training but no amount of training can see it maintained 100% of the time. The reason that many ransomware schemes are successful is that humans are fallible and can be tricked into clicking on links that, in retrospect, should have been more thoroughly questioned. Humans need backup.
Vigilance in a Bottle
Your IT team (either a Managed IT Service Provider or your in-house team) needs to deploy a Security Event Monitoring Platform that can alert it quickly to ransomware infections, which can rapidly encrypt whole networks if left unchecked. It’s the backup for when human vigilance fails.
The last word…
Do you have a Security and Incident Event Management (SIEM) platform that could detect the rapid encryption of your company files? It’s an essential part of all large to enterprise-size companies’ IT toolkits.