
Cisco warns companies to stay ahead of cyber threats

Dimension Data and Cisco have joined forces and published a white paper to help organisations stay ahead of ransomware threats.

The paper looks at ransomware trends and impacts, and how to respond before a threat becomes a business disruptor.

According to a Cisco 2017 Mid-Year Cyber Security Report, ransomware is one of the main threats to digital business. 

Globally, around 49% of businesses experienced at least one cyber ransom attack in 2016, and of those, 39% were ransomware attacks. 

In the US alone, the number of attacks rose 300% from 2015 to over 20,000.

This trend can be attributed to the growth of ransomware-as-a-service (RaaS), where cybercriminals pay the operators of RaaS platforms to launch attacks.

Neville Burdan, Dimension Data APAC general manager, says, “The escalation in ransomware attacks in the digital economy makes every organisation a target.

“This risk escalated when cryptocurrency and bitcoin became a common avenue for a ransom payment.

“That’s because cybercriminals cannot be traced, and as more employees work remotely on personal devices, the risk is further compounded.”

Deep threat intelligence and research are key to outsmarting cybercriminals, and a critical success factor is to disrupt the attack before it becomes the business disruptor.

Burdan continues, “Security controls alone are not sufficient to address a ransomware threat, and organisations need to adopt a multi-layered approach to stop the cyber kill chain. 

“This means identifying emerging threats before an attack, quick detection, a swift response to an attack, all the way through to the backup and recovery process.”

The ransomware white paper includes a five-point framework for organisations to adopt to defend against a ransomware attack.

This includes:

  • Predict and be informed before the attack occurs:

Proactively research what’s discussed on the dark web, new exploits that will be used, and industries or companies that will be targeted.

  • Protect: 

Identity and access management (IAM) tools are essential to protecting enterprise devices and computing assets. Network access control (NAC) ensures that only devices that have the adequate security settings and adhere to IT security policies are able to access corporate systems.

  • Detect:  

Technologies should be in place to detect anomalies in the infrastructure, in the event that malware has infiltrated the endpoints or network. The network must be monitored to check for indicators of compromise. Turning on AI-enabled malicious traffic detection can also help automate detection swiftly before the attack worsens.

  • Respond: 

When a ransomware incident has been detected, security experts must work fast to block malicious communication channels at the firewall or IPS, and quarantine infected machines.

  • Recover:  

Backup is a critical part of the strategy for fast recovery. In addition, the backup system needs to prevent the replication of files that were maliciously encrypted by ransomware. This can be achieved with dynamic segmentation and inherent security features.

Burdan concludes, “Recent ransomware attacks have highlighted the fact that improvements are needed in any industry or any size of the organisation. 

“With the right framework, tools and processes, companies will become better equipped to disrupt the ransomware attack before it becomes the business’ disruptor.”
