Thursday, 8 June 2017

CFO.com/Kelly Bissel: Don’t Be Held For Ransomware

Accounting & Tax
Don’t Be Held For Ransomware

Five fundamental steps your company can follow to curb its chances of falling victim to a ransomware attack.

 By Kelly Bissell 

June 6, 2017 | CFO.com | US

If there’s a positive spin that can be placed on last month’s ransomware attacks, it’s that the topic of cybersecurity has finally emerged from the shadows and into the public eye. When 200,000 systems began to be infected across more than 150 countries on May 12, security became not just a matter for a few black-hat specialists and a wave of creative naming — from WannaCry to WanaCrypt0r and everything in between — it was suddenly everybody’s business.
Kelly Bissell

Kelly Bissell

Of course, businesses recognize they’re not immune from cyberattacks, and threat intelligence and law enforcement agencies have warned that such attacks can be expected to accelerate in frequency.  In short, ransomware is rampant. Often delivered via e-mail, ransomware, also known as cryptoware, it’s used to attack a company’s data by encrypting it until a ransom is paid to an unknown source — in some respects, the criminals who use it are the “stand and deliver” highwaymen of the modern age.
Recommended Stories:

    Ralph Lauren Same-Store Sales Drop 12%
    How to Get Your ROI on Employee Benefits Spending
    What CFOs Need to Know About Corporate Tax Planning

Any approach to handling ransomware must take into account that it triggers fast-moving situations and that there’s no guarantee that an approach that works for one organization will also work for another.  But here are five fundamental steps your company can take to curb its chances of its falling victim to a ransomware attack:

1.Adopt prevention programs. Most ransomware attacks start as a phishing attack. Prevention training and awareness programs can help employees recognize telltale signs of phishing scams and how to handle them. Guide your employees on how to recognize and avoid fraudulent e-mails or what to do in the event of a social engineering attack. Keep testing internally to prove the training is working.

2.Strengthen e-mail controls. Ransomware attacks are frequently delivered via e-mail. Strengthening e-mail controls can often prevent malicious e-mails from reaching employees. Make sure you have strong spam filters and authentication. Scan incoming and outgoing e-mails to detect threats and filter executable files. Consider a cloud-based e-mail analytics solution and how e-mail is configured and file extensions are displayed.

3.Improve CMDB. Companies need to be very diligent about building a complete configuration management data base (CMDB).  It may be surprising, but most companies do not know all the IT systems in their environment across all subsidiaries and business lines.  If you don’t know what you have, how can you protect it?

4.Insulate your infrastructure: Attackers are getting smarter, and it’s easier for unsuspecting employees to make mistakes by failing to recognize malicious e-mails. There’s a host of solutions here, from removing or limiting local workstation administration rights to seeking out the right configuration combinations (including virus scanners, firewalls, and so on).  Regular patches of operating systems and applications can foil known vulnerabilities: Microsoft patches related to this particular threat was one kind of measure that Accenture used back in March 2017 as part of our normal patching cycle.

5.Plan for continuity. Ransomware attacks are far from random — they are highly targeted and intentional, meaning that many can be averted via meticulous prevention. But even with the best defenses in place, successful attacks can occur. Having a strong business continuity plan for recovery — one that’s regularly reviewed, updated, and tested— makes it easier to avoid paying ransom. Recovery objectives must be aligned to the critical tasks within an acceptable timeframe. Workstations and file servers shouldn’t be constantly connected to backup devices. Further, the backup solution should store periodic snapshots rather than regular overwrites of previous backups, so that in the event of a successful attack, backups will not be encrypted.

Kelly Bissell is a managing director of Accenture Security.

Related

Massive Ransomware Wave Hits Banks, Hospitals

How to Mitigate the Threat of Ransomware

‘Patch Act' Seeks to Avert WannaCry-like Attacks

WannaCry's Lessons: Patch Windows, Be Real About Risk

Explore CFO

Revenue Recognition 'Doomsday Clock' Is Ticking

Throw Away Your ROI Calculator for Wellness Programs

Managements' Estimate Biases Targeted by Two PCAOB Proposals

Subscribe to CFO Weekly eNEwsletter

White Papers

Using Risk Management to Boost Financial Stability

Cyber-Hackers: Waging War Against an Invisible Enemy

As Security Becomes a Priority, Will Checks be Written Off?

Finance and IT: Partners in Cyber-Crime Fighting
Powered by
Revlon Taps New CFO
GM Shareholders Reject Stock-Split Proposal
Leave a Reply

Your email address will not be published. Required fields are marked *

Comment

Name *

Email *

Website

Advertisement
Popular Articles

    Employers Wouldn’t Alter Health Benefits upon ACA Repeal
    Man Accused of Making Phony Bid for Fitbit
    Tax Compliance Toughens for Intercompany Transactions
    New Remedies
    Disruptive Influences: 20 Tech Companies to Watch

Advertisement
Topics

    Accounting & Tax
    Banking & Capital Markets
    Human Capital & Careers
    Growth Companies
    Risk & Compliance
    Strategy
    Technology

Media

    Videos
    Whitepapers
    Research
    Magazine

Events

    Conferences
    Argyle Events
    Webcasts

Services

    Reprints
    Back Issues
    Mobile
    Widgets
    RSS

About CFO

    About CFO
    Editorial Staff
    Press
    Advertise
    FAQ
    Contact Us

Want the Magazine?

Relax and unplug with our award-winning coverage.
Subscribe Now
Follow Us
Post a Comment