BAE SYSTEMS PLC Ransomware has taken firm root as one of the key threats facing businesses across financial services. Andy Snowball says that with all organisations likely to experience an attack at one time or another, effective preparation and the capability to respond to an incident is vital
But embracing the unexpected is one thing, failing to prepare for what is foreseeable is quite another. Take ransomware, for example. This is where hackers encrypt data and demand payment for it to be restored.
Financial services organisations are particularly vulnerable as they tend to have a large number of legacy systems that are difficult to monitor - which can make it easier for a ransomware attack to occur if the attacker is able to gain access to these systems.
Such attacks are increasing with such prevalence that we can now say with some certainty that every financial services organisation on the planet is likely to experience an attack of some sort at some point.
It's unavoidable.
And look, I know I would say that. I head up incident response at BAE Systems. It's my job to go out and examine attacks and persuade companies to focus more on their cyber defences. I get it. But fortunately, you don't have to take my word for it.
Ransomware on the radar
So, with the circling threat of ransomware attackers now a constant feature of the business and financial services landscape, it is incumbent on all organisations - large and small - to be prepared. And that means having an effective incident response plan in place.
Putting it into practice
Unfortunately, it's easier said than done. Responding is not a tick box exercise - there is no check list that you must go through and every single incident brings its own challenges.
There are a number of things an organisation can do in order to prepare itself as best as possible. These range from having experts on standby, to understanding your estate's critical data and systems and what needs to be done to protect them, to practising what to do in the event of an attack.
This is particularly important as repetition develops organisational muscle memory. If a security team gets a phone call at 3am on a Sunday morning, they don't have time to scramble for copies of plans and processes. There are also a lot of moving parts - it's not just a technical response; it involves the entire organisation and each department has a role to play.
Practice also allows an organisation to test the process and refine it. As organisations and threats develop, the plan and process have to change accordingly and be tested to make sure they are fit for purpose - and that's where BAE Systems can come in.
Rapid response
As ransomware has risen up the agenda in recent years, we have been increasingly supporting organisations in their preparations and responses to attacks. Within hours of a call to our 24/7 incident hotline, we respond with remote support from one of our centres of excellence in the UK, Australia and Malaysia. We will also rapidly deploy our expert personnel to your site if needed, supported by BAE Systems offices and infrastructure around the globe.
These services combine our technical skills with strategic guidance to ensure your organisation makes the right decisions at the right times to minimise the impact of the attack. Our teams will work together to provide unparalleled visibility of what happened in an attack, and to highlight vulnerabilities that may have played a role in the incident. And if a breach of security has already made the headlines or attracted regulator attention, then our team can help you manage internal and external stakeholders, as well as the press.
It all comes down to creating a response which reduces costs and helps mitigate the risk. That's the bottom line - and it's one that any company can ill afford to ignore.
If you think your organisation has been a victim of a cyber attack contact our 24/7 Cyber Incident Response Team
Andy Snowball is Head of Incident Response at BAE Systems Applied Intelligence
Recommended reading
- Enabling smarter cyber security at home. The pandemic has revolutionised our working practices but in doing so it's also opened the door to increased cyber attacks. Sugee Bhanoo examines what can be done
- Catching the new technology train. Thomas Bennett may have spent his career focusing on cyber security but he remains an optimist at heart - and a passionate fan of technological advances. He tells Nadia Doughty about his life as the security business development manager of Norway's Telenor Group
- Conflict in the grey zone: Preparing ourselves against cyber opponents. When it comes to the cyber arms race, Miriam Howe says that preparation, collaboration and adaptability are critical
- Moving cyber into the diplomatic mainstream. What's cyber got to do with diplomacy and development? Actually, a huge amount. Miriam Howe sits down with Will Middleton to hear about life as Cyber Director of the UK's Foreign Office, and why cyber is now firmly entrenched on the frontline of national security
- Exploring a new role for cyber security in UK government transformation. A new study commissioned by BAE Systems Applied Intelligence has revealed that cybersecurity is both a major driver of IT modernisation and a significant barrier to adoption. Lorna Rea explains how the way forward will require a delicate balancing act - to manage cyber risk effectively, without hindering innovation and collaboration
Attachments
- Original document
- Permalink
Disclaimer
BAE Systems plc published this content on 28 October 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 28 October 2021 11:42:10 UTC.
