How to meet ransomware head on and still come out fighting
Ransomware is a formidable opponent and attacks can cripple businesses. No one is safe, but there are steps you can take to protect your organisation.
Is your business 2021 ready? There are plenty of new issues to concern ourselves with in these unusual times, but keeping your eye on the cybersecurity ball is one constant that has not changed – even if the logistics have. Quentyn Taylor, Director of Information Security at Canon EMEA offers his thoughts on what you should be aware of and definitely looking out for as we enter another challenging year.
Uncovering the security gaps in home working
“For me, home working will be the most impactful security factor for 2021 – both in a good and a bad way,” says Quentyn. “In some cases, it causes as many problems as it solves!” The blurred lines between home and work have already caused plenty of problems for IT teams, as employees mix and match their technologies for their convenience. “Take IoT, for example. A lot of the services employees are using were initially conceived for home usage alone,” he explains. “But with more and more people staying at home to work, they’re increasingly being used for business purposes.” Organisations will need to mobilise in order to understand what is being used in and take action to secure their company data.
Particularly as employees’ homes are now the location for sometimes confidential business conversations, snippets of which may be picked up through smart assistants, such as Amazon Echo and Google Home and mixed in with other data. “And what happens to that data when there's the inevitable security breach?”
Investment in cybersecurity and networking for hybrid workers.
As a result, if they haven’t already, companies should and will start to take the cybersecurity side of working from home a little more seriously. Quentyn believes that it’s time to divert office investment into smaller solutions packages, the kind that are designed to protect employees when they’re working from home. “This is likely to include looking at network connections, which, until now, have depended on employees making the right choice,” he explains. “I expect that we’ll start to see major telecom providers partnering with companies to offer ‘Home Office’ capable internet connections.” The days of employees selecting the most economical provider or simply taking the one that comes for free with their satellite TV subscription are looking numbered. In fact, there is the potential for businesses to effectively ‘pull the trigger’ on an even greater digital revolution, as they demand more from the connections their teams work on. This corporate demand may well drive higher speed network connections outside of city centres.
Home working will be the most impactful security factor for 2021 – both in a good and a bad way
The ransomware marketplace
At the other end of the cybersecurity scale in 2021 is our old friend ransomware. This year, Quentyn predicts the end of the ‘encryption phase’ of the familiar ransomware programme. “Many cybercriminals have realised that when they’re targeting larger corporates, the best way to guarantee a pay-out is to threaten to release company data, rather than deny the business access to its infrastructure,” explains Quentyn. “My view is that we’ll start to see the rise of pureplay extortion based on this ‘data leak threat’ approach.” This could be highly problematic, as such a new practice is dramatically cheaper, and a new lower cost of entry may encourage a surge in new groups with a focus solely on data theft and extortion. Worse still, “this could lead to a whole marketplace of selling and obtaining data.” In short, criminals focusing just on the stealing of data and then selling it on the open market to other criminals who will then use it to hold the company ransom.
For more predictions, advice and insights, follow Quentyn’s playlist on Canon Europe’s YouTube, and stay on top of the latest recommendations for managing your information security.