In a February 24, 2020 MIT Technology Review Business Lab episode, Balaouras makes the case that the world of cyberthreats is becoming more intricate and perilous. Cybersecurity isn’t just stopping the threats you see, but also the ones you can’t see. “Even companies that have a Chief Information Security Officer (CISO) should take a hard look at how high in the organization they report,” Balaouras says. “Do they have the right budget? Do they have enough staff?  Have you given them the right span of control?”

Thanks to technology we are able to carry our office with us, reach out and talk to anyone at anytime, and all at incredible speed.  The mobile devices that make our lives so much easier, also increase the attack surface for cyber criminals. Few corporate functions have had to pivot so quickly or dramatically as cybersecurity operations. CISOs have had to take steps to minimize network threats targeting the legions of work-from-home employees.

According to a McKinsey article by Venky Anant, Jeffrey Caso, and Andreas Schwarz, “The response to the crisis continues to press department budgets and limit resources for other, less essential functions.”

Many companies are freezing their hiring because of the pandemic. Unfortunately, now is a risky, uncertain time to add full-time equivalent (FTE) employees. But companies, most of which don’t have the expertise in-house, need to hire a professional to lead their cybersecurity initiatives. What’s the solution?

VIRTUAL IS THE KEY WORD FOR 2020 & BEYOND

Virtual Cybersecurity Professionals (VSCP). VSCPs are the latest trend in cybersecurity hiring, bringing additional cybersecurity talent at a fraction of the cost, without requiring office-space, benefits, or training. VSCP don’t require on-boarding, and they can hit the ground running.

BUILD SECURITY ON A SOUND FOUNDATION

They are accustomed to handling a wide range of responsibilities geared towards protecting online data from being compromised. Sure, they safeguard organization’s files, networks, install firewalls, and monitor activity, but they should also create security plans that involve all employees of the company. As mentioned in one of our brief articles on phishing attacks, the best technology in the world isn’t going to protect a company’s data if the employees are not educated on the best practices of handling emails. Having mature fundamental processes in place are vital.

VSCP are not traditional employees that require significant investment. Nor are they consultants who are foreign and not part of your team. They are somewhere in between. As such, they tend to have greater access to C level executives. VSCP can be procured by days – you can hire a VSCP for Monday and Tuesday each week, for example – or for a certain number of hours each week. VSCPs typically work remotely, but schedule time on-site at least quarterly, or more often, as your budget and needs require.

In a Forbes article, Jon Younger explains that when a company “lacks the means to hire full time staff,” they can pull together essential skills and keep the business moving forward by combining full-time and freelance professionals together as a flexible, blended workforce. And increasingly, talent marketplaces are able to organize entire engineering or development teams on a “bolt-on” or plug and play basis.

There are downsides to VSCPs. Like all cybersecurity talent, the professionals are in high demand. There is an overall shortage in cybersecurity professionals. A recent Gartner report showed a 65% increase in demand for cybersecurity professionals and an estimated 3.5 million vacancy on the cybersecurity job market. Although they are easier to find than top-quality employees, it still can be difficult to find a quality VSCP. When you find a good VSCP, it’s important to retain them before their schedules become full. And like an employee, personality and team chemistry are important. Although they are remote, it is important that your security consultant fit your organization’s culture and gets along well with the team.

VSCPs are not an entirely new concept. Companies have been hiring Chief Information Security Officers (CISO) for years. Quality CISOs are difficult to find and expensive. A Virtual CISO (vCISO) is an outsourced security practitioner or provider who offers their time and insight to an organization on an ongoing basis, usually part-time. Working remotely, they are usually engaged to design an organization’s security strategy, and some may handle the implementation as well.  vCISOs are less expensive than staff Chief Information Security Officers and with a quick time-to-value.

IN CONCLUSION

The pandemic seems to be expanding this need to a wider range of security tasks. Staff are separated, budgets are tight, but viruses don’t respect deadlines. Projects still need to be completed despite today’s difficult environment. As another Forbes article points out, “Times are challenging, and it’s time to get creative. Organizations must find a way to respond to modern cyber-threats without stretching their financial resources. The vast majority of security budgets are spent on managed services, and that includes consultancy. Because internal security teams need external help, there is a move away from on-premises products towards services.

A virtual chief information security officer (vCISO) could deliver the most bang for your buck.

Here’s why:

Vast Experience and Proven Leadership
No Training Needed
Reduced Overhead
Flexibility
Faster On-boarding

The VSCP concept was reserved mostly for vCISOs, but times have changed and the concept is ready to be deployed for various types of roles.

This might take the shape of a Cybersecurity Compliance Director who ensures the company is aligned with NIST 800-53, FedRAMP, or HITRUST, or prepared for the 2020 CMMC audits. It might be a Privacy Officer who ensures the company is abiding by GDPR, CCPA, or new the privacy laws of Texas or Nevada, ensuring that the company can keep doing business in those states.

Taking a proactive stance on your company’s cybersecurity could mean setting up an incident response program, a SOC or a SIEM, or a disaster plan. Or maybe hire a penetration tester, AI/ML expert, or cryptographer.

The possibilities are numerous, but even if you could hire all the people you could want, you wouldn’t be able to keep up with the vast scale of the cybersecurity threat problem. Phishing scams are on the rise. Smaller companies are being targeted just as much as larger companies because they are known to lack the resources; so, they’re easier to hack. Cybercriminals are sophisticated and they stay informed. They constantly adapt messages to more effectively scam victims. The FTC estimates $100 million dollars in coronavirus stimulus checks have already been lost to fraudulent cyber crimes. The constant threat of cyberattacks presents a huge problem for all industries and guarding against it effectively requires constant attention. That is why IronOrbit has its own division that handles nothing but security and regulatory compliance.

During these difficult times, companies need to ensure they have SOC processes in place, utilize virtual cybersecurity professionals, and incorporate automated security measures. Probably in that order. Whatever you do, as they say at the end of MIT’s Business Lab podcast, get outside help. You don’t want to go it alone. With IronOrbit, you don’t have to. Learn more about how we can protect your company. Check out our Security and Compliance section and then  give us a call at (714) 777-3222.

The post Virtual Cybersecurity Professionals Needed More Than Ever first appeared on IronOrbit.

That’s why most of them are on the cloud in one form or another. The AEC industry is highly fragmented, data-intensive, and project-based. Designing, building, and repurposing require all the traditional disciplines you’d expect, but also many ancillary areas such as energy, environment, and waste.

The Journal of Cloud computing: Advances, Systems, and Applications reported that sharing data and supporting coordination between people involved is difficult and reliant on third-party tools to support such capability. “We believe cloud computing provides a more efficient and robust mechanism for individuals within the AEC industry to collaborate and share data. Work is already underway in the AEC sector for developing data and process models to enable greater interoperable working between project participants.”

This research has led to the development of the concept of Building Information Models (BIM) – a design process that looks at a building’s life cycle. The BIM concept helps designers and others see how a building will use resources before it’s built. BIM was an evolution of ideas.  Start with a powerful digital drawing tool and then evolve it into a much more sophisticated program. The software works in partnership with the designer or architect. A set of drawings becomes an interactive database. When the designer draws on the screen, the BIM system computes the properties of the building and even suggest improvements for everything from energy efficiencies to people flow while costing out every conceivable option. Every variable is built into the AutoDesk software. Any design changes are immediately reflected in revised cost estimates. It tells how much energy the modified design will save. The architect is working with a set of drawings and a data model that understands the whole building as a three-dimensional living system. Keep in mind that BIM includes all the information about a building. It should be a complete 4D virtual repository of the data associated with the structure from beginning to the end of its life.

Being on the cloud facilitates hiring, and retaining, some of the best talents all over the world.

THE CLOUD ENABLES REMOTE COLLABORATIVE TEAMS to work seamlessly together on complex projects.

Collaborative working environments have been long-standing key aspects of AEC workflows. Traditionally, those collaborative teams had to commute to one centralized location. Today, offering work environment flexibility (home office or corporate office) has become somewhat of an expected perk. This was a trend long before the coronavirus reared its ugly head. Now, there are government mandates pressing the point even more. We’re all being forced to work from our homes. Coronavirus aside, future AEC firms don’t want to have their collaborative teams tied to one physical location. Not any more.

Jennifer Howe, VP of SMMA (an architectural firm headquartered in Boston) and acting president of the ACEC organization, Massachusetts Chapter says, “As much as I don’t want to be working from home, there are times when I need to be working from home. Our IT staff had us set-up to work remotely, but it wasn’t the same as what we have now with the cloud. I can be on my laptop with IronOrbit and see everything the same way as we see it while we’re in the office.”

She recognizes that it’s more of an employee’s market now. “The ability to offer talented candidates the option to work from home is an added incentive to join your team.” That’s especially true when nothing is lost while moving from the office workstation to your mobile device-of-choice working at home. But there are other reasons to migrate to the cloud.

A much more enhanced remote work experience is not the only reason to move the cloud. The biggest, more critical reason, is security. But it can’t be just any cloud solution. , The cloud environment needs to customized to the unique needs of the firm. Jennifer talks about the biggest threat every firm faces. “Ransomware attacks are a tremendous concern. An ACEC Mass member firm had a recent incident where they were hit with a cyber-security breach. That was very concerning to our entire chapter. ACEC actually hosted an informative event where they shared some of the issues that they had. For SMMA, as government contractors, we need to be very protective and careful with the information that we have.”

Just a few short years ago, Google Drive and DropBox were the popular options between those who wanted to share large files. Those options weren’t great at protecting intellectual property. Concerns over security justifiably kept many AEC firms from utilizing them.

In addition to state-of-the-art firewalls, antivirus protocols, malware filters, and encryption, a truly holistic approach to security includes 24/7 monitoring.

Industry-Wide Concern for Security Is At An All-Time High

Carlos Charry is the Director of Technology for SMMA. He says security has been a top concern for everybody. “One of our competitors got hit with ransomware a few years back. It made me look at our own situation and ask, ‘Are we prepared for this?’ I knew we weren’t ready.”

The level of security provided by IronOrbit – the firm’s cloud solution provider is far beyond anything they could have accomplished on their own. The entire IT infrastructure is protected by state-of-the-art firewalls, antivirus protocols, malware filters, and encryption. The security doesn’t stop there. There is an entire team of engineers, rotating around the clock, monitoring the data centers for any type of potential security threat.

But Carlos adds, “The question of security aside, you still have to keep up with technology. That means having your IT infrastructure on the cloud. The cloud provides faster updates. Just keeping all your applications up to date saves you a lot of trouble. Most of my time before the cloud was spent handling IT issues.  Things like the network not being responsive or our server going down. I spent time on things like that and couldn’t devote myself to what I truly love to do which is to improve our business processes. I want to make them better so the company can become ever more efficient.

Carlos continues, “The cloud has enabled us to hire anyone anywhere in the world. The employee just needs a PC and an Internet connection of some kind and they can utilize our tools. We currently have people working for us from Maine and New York. Since we’ve moved to the cloud, my headaches have been reduced. Once an employee is connected to the cloud, I don’t have to worry about it. I know the data is automatically being backed up. My worries are basically gone.”

FINDING THE RIGHT WAY TO COLLABORATE IS CRITICAL TO RUNNING AN EFFECTIVE BUSINESS

Jennifer says, “Working with Carlos, our IT director, we’re always looking for better ways to do our work. SMMA is a full-service design firm. Collaboration is the key to our success. Finding the right way to collaborate internally and collaborate with our clients is a critical part of running an effective business.

MOVING TO THE CLOUD. WHAT IS IT LIKE?

People were hesitant at first. The cloud environment is different from having your server on the premises. It’s different. “As we were going up to the cloud, and trying to figure out how to use it, they weren’t sure at first what to expect. Is it going to make my life better or worse? Finally, through effective collaboration and communication, we found it to be an invaluable tool. I find that I can access whatever I need wherever I am.  One of the things that surprised me was being at a client meeting and just being on wi-fi and act as if I were in the office. I’m able to pull up any document I need at any time. For example, I do a lot of government work. When I’m doing a client visit, I often don’t have wi-fi available to me. No worries. I just turn on the hotspot on my phone and still be able to open up a CAD drawing. You’d think that would be impossible to do, right? But it really works quite well.”

Being able to be remote and share a CAD drawing on your laptop using the hotspot on a smartphone is amazing. “You think it’d be impossible, but it actually works very well.”

Hector Inirio is the Design Technologist. He says, “That the most attractive aspect of moving to the cloud was a blend of things. There are many aspects of advanced IT that are beyond our expertise such as high-end security threats. Ransomware is a good example. I really liked the fact that cloud technology democratized our computer systems. We’re not transferring any data from our local workstations. The workstations themselves, really become more like dumb terminals. So, no matter what kind the computer was at a particular desk, they all now respond like high-end machines.  Previously, due to cost, we’d only have some users on higher-end machines. The ones who didn’t need the computing power were working on equipment with less computing power. Now, all of them respond with higher specs.”

“I really liked that cloud technology democratized our computer systems. It made all of them perform like higher spec machines” – Hector Inirio

The computer terminals become virtual desktops because they are hosted by the external cloud server. Any slowness or frustrations you’ve experienced with your current Internet connection go away. Once users log in to the hosted desktop you’re using bandwidth from the cloud. There are separate gigabyte connections to the Internet. Your bandwidth virtually becomes unlimited.

The technology needed to aid the construction industry’s complex workflows hadn’t become available until the past few years. There are now plenty of SaaS solutions available to make full use of what cloud technology offers. Most contractors are implementing cloud solutions. The few who are not risk losing any competitive edge they had. These firms are also in danger of becoming irrelevant as technology advances at exponential rates. They simply won’t be able to keep up. Remaining current with the speed of technology means being able to focus on human capital.  These are qualities like talent, skills, know-how, empathy, and creativity. All of these are undervalued human assets to unlock. You won’t be able to leverage this human capital if you’re stuck in the mud because your technology isn’t current.

MAKE FULL USE OF THE BENEFITS

Construction companies already on the cloud should evaluate if they’re making full use of being on the cloud. There is another benefit of cloud computing. Construction companies should be cashing in on the ability to store tremendous amounts of big data files onto more powerful machines. More can be done with fewer resources. Anywhere there’s an Internet connection you’re good to go. Being on the cloud removes hardware limitations, prevents loss of data, dramatically improves security (if designed correctly), and improves accessibility.

One of the key issues within the industry is the storage of building data throughout the whole life of the building. Data processing is also an important concern for the industry. During construction, a large part of the work takes place on-site where computing resources, up till now, have been non-existent.

The cloud offers data processing power. Drones hover over construction sites and take pictures with detailed GPS coordinates and metadata. Stitching these images into an orthograph requires more processing power than typical computers can muster. Visiting job sites can take hours. Now construction sites can be viewed via a SaaS platform. A design captain or engineer can get a real-time view of the location from anywhere in the world, and on any device. This technology also makes sharing data much easier. There’s a misconception that data becomes less secure on the cloud. It turns out the opposite is true. That is if the new cloud environment has been designed with tight security in mind. If the data is kept at a Level 3 Data Center with round the clock monitoring, cybersecurity is on an entirely different level. It’s in a league of its own. One that isn’t possible for on-prem servers or public clouds.

The post Why Every AEC Firm Needs to Move to the Cloud Now first appeared on IronOrbit.

Data breaches are happening at an alarming rate. In fact, the threat of ransomware attacks has become elevated to crisis levels. While there’s increased awareness, attacks are becoming more sophisticated. A variety of large and small organizations are being attacked. No one is immune. The healthcare industry has been and continues to be, prime targets. And for good reason. Healthcare organizations are considered low-hanging fruit by cybercriminals. Hackers know healthcare centers are notorious for having inefficient security. Most hospitals don’t have procedures in place to restore a network once locked by ransomware. Most applications in Hospitals have little or no network segmentation. There are no firewalls between workloads. Basic security protocols are not in place.

Besides the alarming ransomware statistics, there are some attacks that never get reported. The U.S. Department of Health and Human Services experienced 52 data breaches in October. Last year, hackers stole over 38 million medical records. These sobering statistics have made the healthcare industry take notice. Many healthcare organizations are taking steps to increase cybersecurity. But more can be done. This article will take a look at some of the more recent ransomware cases. We’ll look at some mistakes that were made in dealing with cyberattacks. And we’ll offer ways to improve cybersecurity and protect patient data moving forward.

The consequences of a data breach reach far beyond the breaking news story. There’s more to it than the short news article that appears on your computer screen. A single attack can close down an organization for good. It can happen in a few minutes. The consequences can have long-lasting implications. This is particularly true for the healthcare industry. Sure, the reputation of the healthcare center gets flushed down the toilet, but there’s a real impact on the patients. These incidences are not merely expensive inconveniences. Cyberattacks disrupt the entire eco-system of the institution. It puts people’s health, safety, and lives at risk.

Security breaches will cost healthcare organizations $6,000,000,000 this year.

Often, the healthcare center gets victimized twice. First, there is a ransomware attack. Second, the healthcare system becomes the target of a class-action lawsuit from a community of angry patients and their families.

Consider the New Scientist article about the 2016 attack on the Hollywood Presbyterian Medical Center. It was a Friday afternoon when malware infected the institution’s computers. The attack seized patient data and prevented the staff from further communication. The date was February 5. The same day computer hackers tried to steal 1 billion from the Federal Reserve Bank of New York. It all happened in a matter of seconds. Medical records had to be kept by using pen and paper. They used old fax machines. Patients were sent to other hospitals, operations canceled. The medical center was back on-line after a 2-week standoff. But not until after paying a ransom of 50 bitcoins (the equivalent of $17,000 at the time).

Malware can infect the entire computer system. Someone clicks on a link to a booby-trapped website or opens an attachment in a phishing email. Immediately, malicious malware gets to work encrypting the files. Some malware can immobilize entire IT infrastructures. If data is backed up and you get an attack of malware or something, you can always go back to yesterday’s data.
Healthcare targets often have their backs against the wall during a cyberattack. Because they don’t have their files backed up.

In most cases, a ransom is paid. The hackers deliver the decryption key. And medical centers are able to decrypt the seized files. The Hollywood Presbyterian Medical Center was straight forward. They handled the crisis as best they could. See the above comments about using pen and paper. They negotiated a lower ransom and their data was returned. More recent victims haven’t been so lucky.

Medical malpractice has been part of the healthcare landscape since the 1960s. Now there is an additional risk of medical malpractice during ransomware attacks. If the ransomware attack affects the patient in any way, there will be repercussions.

While only a few healthcare systems have policies around using mobile devices, there is a growing movement to regulate such devices.

Take the cyberattack on LifeBridge Health systems. Seven months after the incident, the Baltimore-based health system faced another problem. A class-action lawsuit was filed against them. The lawsuit claimed negligence on the part of the medical center. It also accused LifeBridge of waiting 2 months before informing the affected patients.

LifeBridge had to respond to the allegations. The organization contracted a national computer forensic team to investigate the attack. Patients were offered credit monitoring and identity protection services.

Clearly there are basic mistakes made that contribute to breaches. Mistakes can allow the infiltration to happen in the first place. Resolving a ransomware situation is stressful. People can do things that t make the situation worse.

Ransomware Recovery Mistakes

Health Management Concepts in Florida was attacked with ransomware. The official report was made on August 23. HMC learned about the incident on July 16. The ransom was paid. The attackers delivered the decryption keys. The hospital IT administration immediately took steps to decrypt the data. To their horror, the HMC staff realized they made the problem worse. They accidentally sent files containing patient information to the hackers.

UnityPoint Healthcare had the misfortune of suffering two security breaches in 2018. The second attack compromised the data of 1.4 million patients. At least, that’s the official tally. A series of phishing emails had been made to look like they were from a top executive within the company. An employee fell for the scam. It gave hackers the opportunity needed to penetrate the entire system.

The protection of healthcare assets is not just a matter of protecting patient information but protecting the patients themselves.

Recognizing the Risk is the First Step Toward Protecting Patient Information

The onslaught of cyberattacks against healthcare is relentless. There are inspiring stories of medical centers fighting back. They’re defending themselves against nefarious cyberattacks. They’re saving lots of money. Increasing their efficiency. And better protecting their patients.

One such story belongs to the Interfaith Medical Center of Brooklyn, New York. It’s a 287-bed non-profit teaching hospital that treats more than 250,000 patients every year. They were able to avoid malware outbreaks. Their proactive approach enabled them to detect and respond immediately to advancing threats. Their strategy involved an assessment of threats and implementation of policies and procedures.

Incident response time is critical. Measure it with a stopwatch, not a calendar. All the segmentation in the world isn’t any good if the door won’t be closed in time. Their program was successful. It identified malware infections long before they had a chance to become a problem. They were even able to identify a malware-infected medical device after it came back from a repair vendor.

The Interfaith Medical Center anticipated a ransomware attack and took steps to prepare for it. In a September 3, 2019, Healthcare IT News article, we learn how Christopher Frenz – the VP of Information Security protected the non-profit’s IT system. “One of the ways I approached this was simulating a mass malware outbreak within the hospital, using a custom-developed script and the EICAR test string. Running the script attempted to copy and execute the EICAR test string on each PC within the organization to simulate the lateral movement of a threat within the hospital. Exercises like these are great because they help an organization identify what security controls are effective, which controls are ineffective or in need of improvement, how well or not the staff response to an incident will be, and if there are any deficiencies in the organization’s incident response plan,” he explained.

Christopher Frenz, VP or Information Security at Interfaith Medical Center, led the charge with his zero trust architecture that protected the network from cyberattacks and saved the healthcare system millions of dollars.

“We have successfully avoided malware outbreaks and are actively detecting and responding to advanced threats, long before they impact privacy or operations.”

Christopher Frenz, Interfaith Medical Center

The article ends with some excellent advice from Frenz. “Healthcare needs to begin to focus on more than just compliance alone, as it is far too easy to achieve a state where an organization meets compliance requirements but is still woefully insecure. Organizations need to put their security to the test. Pick solutions that can empirically be shown to improve their security posture.”

There are basic steps healthcare organizations can take to minimize their risk of ransomware attacks. Learn as much as you can about ransomware attacks. Consider all possible points of entry. Where is your IT system vulnerable? Medical software used for patient data has numerous vulnerabilities. Healthcare cybersecurity statistics by Kaspersky Security Bulletin found easy access to 1500 devices used by healthcare professionals to process patient images such as X-rays.

Improving the cybersecurity of a healthcare organization, whether large or small, has two parts. One part has to do with the design and implementation of the IT system entire (i.e. whether-or-not there’s back-up and disaster recovery features in place). The other part has to do with your human capital.

Malware can be introduced from any number of locations along with your network. Often the attack is designed with multiple points of entry. It could be phishing emails where an employee is tricked into clicking on something that is booby-trapped. It could be a bogus email from what looks like an upper-level executive but is actually from a hacker.

ON-GOING EDUCATION AND REFRESHER COURSES

Healthcare employees should have regular and comprehensive cyber threat education. This enables them to avoid falling into traps that can trigger ransomware. It also serves to establish a strong security culture.

Human beings make mistakes. This is especially true in the busy high-stress environments of hospitals. Or in situations where doctors, nurses, and orderlies work extended 10 to 12-hour shifts. People have to be educated about the risks of cyberattacks and what forms such attacks might take. It’s easy for a rushed employee, at the tail-end of their shift, to unknowingly click a file, download an unauthorized software, or be tricked into loading a contaminated thumb drive. There are basic security processes that should be implemented. These are things like creating strong passwords and changing them at regular intervals. Duel factor protection is also a good idea.

Cybercrooks study the vulnerability of humans. Hackers continually figure out ways to exploit human traits and their gullibility. Through social engineering tactics, cyber attackers design pathways to plant ransomware or get a foothold in an information system.

SECURITY IS NOT ABOUT QUICK FIXES

Take the time to ensure the staff and vendors are mindful of what they’re doing. Review policies and procedures regarding handling patient data. Review how to avoid security incidences. As we have seen, any data breach has legal ramifications. There needs to be a systematic response that is carefully considered and forged into a process. Additionally, partner with the right vendor who can design and provide a holistic security solution that will protect your patients.

The post The Healthcare Ransomware Epidemic: How to Protect Your Patients first appeared on IronOrbit.

2019 has proven to be an alarming year for cybersecurity professionals and cyber-attacks show no signs of slowing down in 2020.

One cybersecurity firm characterized the rapidly growing pace of cyberthreats across all industries as an “unprecedented and unrelenting barrage”. Within 24 hours of its report, the City of New Orleans and several other municipal organizations fell victim to ransomware attacks.

But it’s not just large-scale enterprises and public institutions that are under attack. Small and mid-sized businesses offer low-hanging fruit for opportunistic cyber criminals, who often use automation to widen their area of attack.

Small businesses, large enterprises, and public institutions alike have all struggled to respond decisively to the ransomware threat. Until recently, executives had few options – and fewer defenses – in their fight against cybercrime. Now, Desktop as a Service (DaaS) solutions offer comprehensive, scalable ransomware protection services to organizations of all sizes.

What Exactly is Ransomware and How Does It Work?

There are several ways for a cyber intruder to take over your computer system without your knowledge. You won’t know about it until it’s too late.

The typical ransomware attack begins with the stealthy takeover of the victim’s computer. This may be accomplished through phishing, social engineering, or a sophisticated zero-day exploit – the goal is to have access to the network while remaining undetected.

Upon compromising the network, the cybercriminal can begin slowly encrypting important files. Most ransomware applications do this automatically, using a variety of different methods to evade detection. The process may take days, weeks, or months to complete.

Once the ransomware encryption algorithm reaches critical mass, it then locks users out of the network, displaying a ransom note demanding payment for a decryption key. Sometimes the demand is small – on the order of $500 to $1000 – and sometimes the demand reaches into six-figure sums.

Ransom demands are usually for bitcoins. “If one organization is willing to pay $500,000, the next may be willing to pay $600,000.”

Small sums make paying the ransom a tempting option, but a dangerous one. There is no guarantee that the cyber attacker will relinquish control of the network. Instead, executives who pay up reinforce the cybercriminal profit cycle. It is only a matter of time before the ransomware attacker strikes again.

Famous examples of ransomware variants include WannaCry, which spread to over 230,000 computers across 150 countries in 2017, and Petya. The WannaCry crisis targeted healthcare clinics and hospitals, causing untold damage and highlighted the risk that outdated IT systems represent in these industries.

Petya was unique because it did not encrypt specific files. Instead, it encrypted the local hard drive’s Master File Table, rendering the entire device unusable. There are dozens of other variants out there, and each one uses a unique strategy to take advantage of victims. NotPetya developed on Petya’s attack method, using the same vulnerability previously exploited by WannaCry.

Who Is At Risk of Ransomware Attacks?

Emsisoft reports that during the first half of 2019, 491 healthcare providers were hit with ransomware. The attacks are increasing and the demands are for larger ransoms.

Everyone. Although high-profile targets like hospitals and municipal institutions make headlines, thousands of business owners are defrauded every day. On average, one business falls victim to ransomware every 14 seconds.

Small and mid-sized businesses are especially vulnerable because they typically do not have access to the kind of comprehensive security resources that large enterprises can afford. Small businesses that do not rely on reputable third-party managed service providers make especially easy targets.

Cybercriminals have shown that they are willing to target hospitals and public institutions without shame. The greater the need for functioning IT systems is, the more likely the cybercriminals are to get paid. This is how the cybercrime profit cycle perpetuates itself.

What Can Small and Mid-sized Businesses Do About Ransomware?

Organizations caught unprepared have few options. Although cybersecurity experts correctly warn against paying the ransom, desperate business owners often pay anyways. But the relief is only temporary. 60% of small and mid-sized businesses victimized by cybercriminals do not recover and shut down within six months.

Preparation is key to successfully resisting a ransomware attack. Organizations that cannot afford to develop, implement, and deploy state-of-the-art security resources need to contract a reputable third-party vendor for the purpose.

Even enterprise-level organizations with tens of thousands of employees often find themselves opting for a managed solution instead of an in-house one. The cybersecurity industry is experiencing a widening talent shortage, making it difficult even for deep-pocketed businesses to hold on to their best security officers.

Introducing IronOrbit: Comprehensive Ransomware Protection

IronOrbit achieves best-in-class ransomware protection through a unique approach to cloud desktop hosting. Three key processes must work together flawlessly to guarantee ransomware resilience:

1.   Prevention

The best way to prevent a ransomware attack from taking place is preventing the initial malware deployment. Firewalls, email filters, content filters, and constant patch management all play a critical role in keeping malicious code out of DaaS systems.

Maintaining up-to-date software is more important than most executives and employees realize. Since NotPetya used the same attack vector as WannaCry, its victims entirely consisted of individuals and businesses who neglected to install security patches after the WannaCry crisis.

2.   Recovery

There is no way to guarantee 100% prevention. However, business owners and their IT teams can circumvent the damage ransomware causes with consistent backup and restoration tools. IronOrbit’s disaster recovery features can wind back the clock, reloading your entire suite of business systems to the state they were in just before the attack occurred.

3.   Remediation

Ransomware recovery cannot guarantee business continuity on its own without best-in-class remediation tools. Without the ability to trace the attack to its source in a fully logged environment, there is no way to tell whether the attack has been truly averted or not. IronOrbit uses state-of-the-art digital investigation tools to track ransomware attacks to their source and mitigate them.

Schedule a Consultation with an IronOrbit Security Expert

IronOrbit has helped numerous businesses capitalize on the efficiency and peace of mind that secure DaaS solutions offer. Protect your business from the threat of ransomware with the help of our expertise and knowledge.

The post Ransomware Risk Mitigation: The Desktop-as-a-Service Solution first appeared on IronOrbit.

Calculating the ROI of your technology investment doesn’t have to be rocket science, but remember what Einstein once said, “Not everything that counts can be counted.”

Looking beyond spreadsheets and calculations means considering how your technology helps you meet your strategic objectives.  Long-term success depends on a proactive agenda of workforce transformation, strategic flexibility, security, and manageability.  Are your technology investments driving productivity for your business? Are they solving challenges or creating more problems? Answers to questions like these are the main reasons why many companies are moving to the cloud.

Forrester released a report in early 2019 that stressed the importance of corporate leaders to gain more fluency in the technology choices made. They need to understand the different performance yields of different innovation efforts. It’s important to be visionary about where the company is headed during the years to come. Know what is at stake should you keep your IT infrastructure on-prem or move it to the cloud. Become focused on how to make business technology a basis of a durable strategic advantage.

While corporate leaders need not be able to use devices, programs, and apps, they should know enough about them to discuss them intelligently with the team.

In a more recent podcast, Forrester gives its top predictions in IoT, AI, and cloud computing.

About half the big enterprise outfits that try to transform their systems fail or stall under the sheer size, and complexity of the process. Certainly, a large part of the problem has its origins in the failure to design a strategic plan that works. Don’t put the cart before the horse. Remember the carpenter’s rule, “measure twice, cut once.” You’ll avoid costly mistakes, both in terms of time and money, if you do research and get as much information as possible before you start spending resources on cloud migration.

ADVICE FROM EXPERTS 

Every organization has its own unique strategic needs. Not all businesses have the same priorities. There is no one-size-fits-all approach to developing a strategy or plan to move to the cloud. Any significant technological transformation requires analyses and consultation with experts in the field. It also helps if these experts know as much as possible about your business goals.

The first step is to become clear-eyed on the business strategy.  Evaluate business objectives and assess how your existing technologies align with meeting those plans. Inevitably gaps will become apparent.

Utilize the insights from the best technology consultants you can find. They’ll be able to recommend available options and optimal routes. In some cases, there may not be an immediately available option that best suits your objective. In those situations, something more innovative and customized to specific needs may be needed. This is exactly why a good advisor is critical to successful cloud migration. A good advisor will be a true IT professional, one who stays abreast of the latest technologies, but also one who has a comprehensive understanding of business operations. Having this kind of resource on hand can mean all the difference between a successful transformation or one that goes off the rails. Failed attempts are costly with absolutely no ROI.

While it’s true that every company is unique and each one has its own set of priorities for future growth and productivity, there are a few technology industry trends that can serve as a guiding light.

THE INCREDIBLE EVER-CHANGING WORKFORCE

This isn’t your grandfather’s workplace environment anymore. It’s not even your father’s workplace environment.  For people to become fully engaged and productive, they need flexibility over the tools they use. The choice of places to work would be nice too. Employees need reliable and secure access to the resources they use and depend on.  Consistency of experience shouldn’t be over-rated either.

Wakefield Research conducted a survey showing the scope of this on-going technological evolution. Not too surprising, the report found that 69% of the employees regularly work remotely. Some 21% of them blend environments by working both in an office and somewhere else, such as at home or a communal workspace (Starbucks anyone?). The survey went on to show that a whopping 80% of the office professionals agree that, within 5 years, businesses will not be competitive without using cloud-based apps. Future-proofing means leveraging cloud servers and taking advantage of new technologies as they become available.

MEETING RISING EXPECTATIONS, PRESSURES, AND DEMANDS FOR INCREASED SECURITY

New business models, competitors, and customer preferences emerge seemingly from nowhere. Turn around for a moment, and there are new things to look at. During this age of acceleration, all of us have to stay on our toes. We have to practically reinvent ourselves from Monday through Friday. Companies of all sizes have to move quickly to capture new opportunities. And if you think it’s intense now, just wait until next year and the year after that. Modern technology and its impact on business is moving at an exponential rate.  I’m getting dizzy just thinking about it.

Even as things are moving at breakneck speed, security demands have never been greater. Security is also more challenging than ever.  Check out our previous blog on cyber attacks and ransomware for some not so gentle reminders of how costly cyber attacks can be. IT transformation has increased the opportunities available to would be hackers. And these hackers have their choice of mobile devices, web apps to IoT. New mandates, like the General Data Protection Regulation (GDPB) have raised the stakes for everyone.

As companies increasingly leverage the cloud to store customer data, SOC 2 compliance is becoming a necessity.

START AT THE BEGINNING

So, let’s start at the beginning of any company’s transformational journey. Ask the question, “Can your current technologies help you meet all the requirements in ways that enable you to move quickly and stay on top of your priorities?”

Wakefield Research shows that 69% of the employees regularly work remotely and 21% of them combine home and office environments.

MOBILE FORCES

MORE PRODUCTIVITY, WITH LESS STRESS AND IN LESS TIME

It’s becoming more common to see employees working from home or both at home and in the office.  Where ever they choose to plow through their day, they need tools that are smart, fast, seamless. They need to work collaboratively. They need to be open robust programs like Revit, or SoftImage, or After Effects, and use them quickly, seamlessly, and without interruption.  Having apps on cloud servers enable distributed teams to collaborate easily across great distances.  Whatever the scenario, the new IT setup needs to empower your people to get more things done, more easily.

KEEP IT SIMPLE

Before making an investment in technology, consider if it adds to the complexity of your workplace or helps reduce it.  Does it help to streamline operations? In other words, does it impose a burden of daily management that diverts attention and resources? Or does it free-up people’s time so that they can focus more on their own work.

SECURITY IS A CHALLENGE

The threat of cyber attacks is greater than ever. A breach of security can be devastating. Finding skilled security professionals has never been more difficult. The more complex the IT environment, the greater the security risk. There are more openings for attacks. Consider public networks, mobile devices, and web apps. There are insider threats, phishing, and so on.

Sometimes it may be worth taking on the additional security risk in exchange for exceptional business value. It’s a trade-off that should be factored into the evaluation of your transformation strategy. Keep in mind, if a technology can make security simpler, more transparent, and more effective, that’s an advantage.

Cryptojacking is the unauthorized use of one’s computing devices. It is accomplished by injecting the system with hidden code that immediately starts benefiting third parties. About two-thirds of companies targeted by ransomware attacks have been infected.

LEVERAGE THE FLEXIBILITY TO IMPROVE STRATEGY

It’s a great period of time to be an IT professional or developer. The hybrid, multi-cloud era has brought tremendous freedom and flexibility to what used to be just a metal box and a lot of colorful cables.  Now, cloud technology enables us to provision resources and demand, scale easily, and support users anywhere. Cloud servers also allow for beefed up security and greater performance. The cloud is where data rules supreme.  It’s not under the rug, in the closet, or filed away on hard drives stored in a drawer. We now have a place, seemingly with no limits, to put all the data we’re accumulating (organizations stockpile data but seldom dispose of it).

On the user side of things, cloud computing has given employees the freedom to choose any device, time, or place to work. These various cloud options mean a consistency of quality user-experience.

The prediction is that 41% of enterprise workload will be run on public cloud platforms by 2020. Another 20% will be private-cloud-based, while 22% will rely on hybrid cloud adoption.

NO TECHNOLOGY EXISTS IN A VACUUM

If one of your investments limits the utility of another, it degrades the value of both. A Good strategic transformational designer will always look at the big picture and assess how everything is connected.

When it comes to remaining profitable while future-proofing a company, not everything is about dollars and cents. Considering the ever-evolving workplace, with all its need for mobile applications, collaboration tools, data crunching, and massive amounts of storage. Keeping our eyes on the big picture is necessary if we’re to evaluate ROI accurately.

The true ROI has to do with information technology that advances key priorities such as productivity, reducing complexity, strengthening security, and ensuring choices are available whenever needed.

The post What is the True Cost & Benefit of Moving to the Cloud first appeared on IronOrbit.