Cyber Security Interview
David Parkes, Sales Engineer of Amshire had an interview with Consort IT Ltd. This was to discuss how businesses can improve their cyber security in the era of ransomware attacks and CryptoLocker viruses. David explains why a layered security approach and a robust Disaster Recovery is the best solution.
What do you think are the main risks facing small business?
The biggest threats facing small businesses at the moment are the ransomware or CryptoLocker viruses, such as WannaCry. The more tradition worms and infections are relatively easy to deal with. The main concern are attacks that attempt to lock companies out of their data, and potentially on a permanent basis.
Are small businesses prepared and do they understand the threat?
I think more and more small business are slowly coming to terms with the threat. Especially as it has become more publicised in the media. Ransomware attacks that hit the NHS in 2017 have driven this type of attack into the forefront of public discussion. The positive side of this is that small businesses are now more aware of the threat. Many are now looking to invest in technology to help them protect and restore their data if it were to become encrypted.
How does Amshire Solutions help small business protect themselves from these attacks?
We recommend a layered security approach for our Customers. This involves combining multiple security practices in one bundle.
- This includes an anti-virus product, which looks for threats that are running or threats that run when you execute a file.
- Secondly, we recommend implementing a network security suite, which looks at all the network requests coming from a computer or a network. If it identifies any known malicious locations, it will block malware, botnets or requests for private keys to encrypt data that come from that source.
- The final layer is Disaster Recovery, if the worst happen and a company’s data is encrypted. Disaster Recovery makes sure businesses have all the necessary data backup to help them quickly and easily recover without having to pay a ransom.
We have seen in recent months that, in the case of those that have been infected and had their data encrypted, the virus itself has been a new variant. In many cases, it was released in the morning and businesses have been hit that same morning before vendors knew what was happening. this means that patches aren’t available to protect businesses. Therefore, a layered approach is so important, as it covers all bases.
What should business do to protect themselves?
It is a catch 22 situation for most small businesses. The solution on offer are not always the cheapest, but the risks of remaining unprotected can be even more costly.
For instance, let’s take a look at our Disaster Recovery software. yes, it is quite expensive but it can be the difference between a business immediately bouncing back after an attack or losing important data and suffering the reputational costs that would follow.
Disaster Recovery mitigates the amount of loss when an attack occurs. For example if a CryptoLocker attack strikes at 15:15pm, we can restore the business’s data back from 15:00pm that same day, so they will only lose that 15-minute window of work. It is this level of protection that can make all the difference.
If you had to give one piece of advice to small business, what would it be?
It is important to be extremely vigilant, especially when receiving emails, opening attachments or clicking on links. that is how these things tend to spread.
We live in an age of digital technology, where everyone is always on their mobile phones, laptops and tablets and are always clicking on links. Sometimes we do it without thinking. We all need to learn to take a step back and think:
- Am I expecting an email from that person?
- Is this an attachment I am expecting?
- Does it look a bit suspect?
Human error will always creep in. it is inevitable. The only way to truly mitigate the risks is the layered approach to cyber security. Business owners may see it as a big investment now. However, it is worth it when considering the costs of an attack. That’s why it is important to invest in a thorough and robust Disaster Recovery solutions, with a layered security approach.