Back in May, the unprecedented WannaCry ransomware attack targeted Microsoft’s Windows operating system by blocking victims’ access to computer systems and demanding ransom payments in Bitcoin cryptocurrency. The cyberattack infected roughly 200,000 computers in 150 countries – all within the span of a day.
Weeks later, Petya, a malware first seen in 2016, hit Ukraine, the epicenter of the damage. The malware then began to spread across Europe, where major firms, airports and government departments all fell prey to the attack.
Recent Google-led research suggests cyberthieves have made at least $25 million from ransomware in the past two years alone.
As our lives become increasingly connected and dependent on technology devices, we are becoming more vulnerable to theft, misuse and attacks in cyberspace. So what can companies, governments, and other organizations do to fend off cyberthreats and avoid becoming the victim of the next headline-grabbing cyberattack?
“In reality, cybersecurity impacts every element of business and also must be integrated into the operational fabric of an organization” – Wendi Whitmore, IBM X-Force IRIS.
ITU News recently connected with Wendi Whitmore, the Global Lead of IBM’s X-Force Incident Response and Intelligence Services (IRIS), to discuss how organizations can effectively prepare for a cyberattack.
“Many organizations today still think of cybersecurity as primarily an IT issue that can be managed by having the right security technologies in place,” Ms. Whitmore told ITU News. “In reality, cybersecurity impacts every element of the business and also must be integrated into the operational fabric of an organization.”
Cyberattacks and threats in most cases extend well beyond the IT department, so “organizations must have a comprehensive plan in place to effectively respond across the entire organization.”
Whitmore warns that cybersecurity is not only about setting up security precautions for the technology and the computer systems; it also entails having cybersecurity awareness training for employees, involving a diverse group of stakeholders who understand the key role they play in reducing the risk and impact of the attack, and incorporating security measures at all levels, including operational processes and policies.
To effectively limit the risk and minimize the damage of an attack, “an organization must first prepare their response before it happens,” says Whitmore.
This means it is critical to have an incident response (IR) plan to detect and contain incidents faster and mitigate the impact more efficiently.
When an incident occurs, there are immediate responses to be taken, including: investigating and identifying the nature, extent and severity of the attack; determining the attackers’ access; and notifying cyberattack victims (i.e. customers, regulators, and company stakeholders).
And you’re racing against time.
“The speed at which organizations respond to a cyberattack is the top factor to reducing the cost and damage,” said Whitmore.
The 2017 Cost of Data Breach Study conducted by Ponemon Institute shows that having a functional incident response team significantly reduces the cost of a data breach, by as much as $19 per compromised record.
As our societies become increasingly digitized and interconnected, enhancing cybersecurity and building confidence in the use of information and communications technologies (ICTs) should be addressed at national, regional and international levels. ITU plays a unique role in promoting international cooperation and global partnerships in cybersecurity.
For more information, please visit: http://www.itu.int/en/ITU-D/Cybersecurity/Pages/default.aspx
By Nicole Jao (@nicole_i_jao), ITU News