There’s been a lot of talk around ransomware lately, a lot of chatter due to the array of organizations, including healthcare providers, that have been hit by ransomware. Some pay the ransom, while others don’t (one of the most recent stories in the news is of a hacker selling 650K healthcare records on the dark web).
Not only is this bad for business, but organizations also risk their data being held hostage as has happened to a number of institutions (like the two Southern California hospitals in March), which then interrupts their day to day activities. Even worse, when it’s hospital data due to that patient information being vital to saving people’s lives.
Based on this bit of background, it’s no wonder why ransomware is in the news and why businesses are increasingly concerned with this type of threat.
79% of businesses are concerned with ransomware
So, how can executives assure a continuation of business operations and decrease the ransomware threat? One of the best solutions involves business continuity (BC) plans and services. When adopting an effective BC plan, organizations aren’t only preparing for a natural disaster situation. They can also prevent their data from becoming inaccessible due to the data being held hostage following a ransomware attack. It’s not that they get the data back from the thieves, but they won’t lose access to that data either (consequently enabling the organization to continue doing business).
When you set up a business continuity plan there are different components to it, which include determining recovery requirements. This will not be a technology only solution, since technology alone never works in winning against hackers. Rather, it means an organization’s entire IT infrastructure, partners and other working operations sites will be evaluated to ensure the recovery of data is available all around, no matter the disaster at hand.
Furthermore, if your business continuity plan has been set up right, this means testing and retesting will take place to be sure the plan continues to be effective in all areas of operations, at all times. Since times change quickly, it is essential for a business continuity plan to be revisited time and time again. It would become ineffective otherwise. Also, the review process takes into account an organization’s strategic goals and compliance needs. This is also important for businesses if they want to avoid fines and pursue growth objectives.
When it comes to fighting ransomware, most businesses haven’t changed what they think will help to protect them from the threat. The 2016 Ransomware Concern Study found that 89% of organizations consider security awareness training for their employees to be the most effective defensive measure and 83% say back-up files are best to protect against ransomware. These numbers were the same ones reported in 2014.
Two years have passed since the 2014 study, and ransomware attacks continue to be successful, while organizations are not. The reason is that it takes a lot more security awareness and back-ups to keep data safe and a business in operations following a ransomware attack.
At the end of day, if ransomware strikes, an organization’s best chance of survival and most cost effective solution is to be able and stay operational; ergo, business continuity. You halt business, you halt growth; and the financial consequences, in addition to backlash from losing trust with end consumers, make it that much harder to recover from the attack.
Have you set up your business continuity plan so that it withstands a ransomware attack? Let’s talk and find out.
Schedule your free 15-minute consultation today!
Photo courtesy of wavebreakmedia