Here are reasons to increase cyber awareness, reduce cyber complacency, and avoid paying cyber ransoms …

As the pace of digital transformation races ahead at breakneck speed, many firms globally and in the region have been guilty of leaving their systems under-protected and in some cases even skipping key cybersecurity protocols required to prevent, detect, and respond quickly to cyberattacks altogether.

The pace of technological change has caught governments and regulators off-guard. The dangers around the lack of data protection and data breach laws also make the region an increasingly attractive attack vector.

Experts are united in warning corporations against paying ransoms. In many cases, rather than making the problems go away, paying a ransom merely increases the chances of another attack before the organization has had an opportunity to improve its cyber hygiene.

Ultimately, organizations without adequate protection and backups will be crippled without access to their data.  

Prevention is better than payment

By identifying gaps in legacy security architecture and introducing a ransomware prevention checklist, cyber defenders can ensure that their infrastructure is robust enough to prevent critical data from being held to ransom in the first place. Also:

  • Despite the constant threats and demands for ransom payments, firms need to know they are never alone if a breach occurs. Organizations, law enforcement, and cybersecurity companies are increasingly collaborating to bring these malicious actors to justice as cross-border chases become the new normal.
  • Although there is an argument that existing laws need to be improved to ensure attackers are made accountable for their actions, the US authorities have united in educating industries and in creating stricter cyber regulations, even if the attackers are in a different country to their victims (usually involving state-sponsored attacks that can further create tensions in already strained diplomatic relations).

With digitization, the boundary between the real world and the cyber world is growing increasingly thin. As a result, firms in the region will more commonly hold attackers accountable for their crimes. This is a global movement that is gaining momentum. It is hoped that this increasing collaboration between nations will help build new international laws that will address online crimes.

Ryan James Murray, Director (APAC), HUMAN

Safeguarding against cyber complacency

Cyber security complacency among senior executives, employees, and business stakeholders is possibly one of the biggest threats facing businesses, and it is seldom discussed. The problem is that people slowly become numb to increased training and repeated messaging about the dangers of cybersecurity threats.

A firm’s employees are either its strongest line of defense against cybercrime or its weakest link. Therefore, firms should raising cyber awareness, arrange for continual cybersecurity training, and arm teams with the right preparedness by:

  • ensuring that everyone is united in following best practices when managing their passwords
  • getting IT teams to actively conducting routine cyber readiness reviews
  • being cognizant that increased cyber awareness training frequency can desensitize employees and cause security fatigue and cyber apathy to set in. Multiple training approaches can be used to reduce this possibility, but there is no avoiding the fact that cybersecurity is now everyone’s responsibility

As the data for ransom trend continues to gain momentum, both businesses and individuals must remain vigilant and attack the problem together. For these reasons alone, motivating teams and transforming the cybersecurity culture is crucial in eradicating apathy towards cyber threats. Data for ransom has become everyone’s business.