The Scottish Business Resilience Centre (SBRC) recently surveyed more than 250 businesses in Scotland about their cyber preparedness and learned that more than a third (38 per cent) don’t feel prepared for a cyber attack.
It’s a worrying trend, especially given that the Sophos State of Ransomware 2021 report found that 35 per cent of British businesses were hit by ransomware attacks in the past year.
A ransomware attack works by cyber criminals encrypting an organisation’s files and holding data hostage until a ransom is paid.
These fees can be extortionate and not every business will be able to pay: DarkSide, one of the more prolific ransomware gangs, has made at least $90m (£63.4m) since August 2020 in ransom payments from fewer than 50 victims.
But even for those who can afford to pay, there’s no guarantee they will get all their data back in
a timely manner. In fact, separate research by Sophos found that companies are only able to restore an average of 65 per cent of their data even after paying a ransom.
Given these odds, it’s clear that businesses should focus their efforts and finances on improving
their cybersecurity defences in the first place and thereby limit the fallout of an attack, rather than assuming they’ll be able to pay a ransom and move on.
The most basic thing that an organisation can do to mitigate this is to check that systems including firewalls and antivirus programmes are up to date. Regular backups are vital, too: organisations are more likely to get their data back by relying on a recent copy than paying ransom.
It’s also important to make sure employees understand that cybersecurity isn’t just the responsibility of the IT department: everyone needs to know at least the basics of cybersecurity, such as not opening attachments or clicking links they weren’t expecting.
A strong cybersecurity strategy goes beyond this, to include role-playing and scenarioplanning that involves a broad range of people in the company to ensure preparedness.
Another consideration as part of a strong cyber strategy is around accreditations, particularly Cyber Essentials. This is a government-backed scheme which can prevent or limit the fallout from up to 80 per cent of common cyber attacks, including ransomware.
The rise of ransomware and what to do I which can prevent or limit the fallout from up to 80 per cent of common cyber attacks, including ransomware.
Only 42 per cent of the businesses we surveyed held the Cyber Essentials certificate – but it’s a simple way for business owners to become more aware of their cyber processes, and could
mean the difference between surviving an attack or losing all their systems and data.
Regardless of the precautions taken, it’s still possible that a business will fall victim to a cyber attack. For those that do, there is support out there, including the SBRC’s Cyber Incident
Response Helpline.
The sooner you get help after an incident has occurred, the greater the chances of recovery.
Related posts
Interviews
Comment
Please mind the gap… or healthcare may fall
Imagine sharing a lengthy train journey with others. From beginning to end, imagine how often you might hear ‘mind the gap’ messages about embarking and disembarking safely. Picture how navigating…
Women Lead: My journey from Dragons’ Den to Silicon Valley
Following her appearance on Dragons’ Den, Sheila Hogan, serial entrepreneur, founder and chief executive of digital legacy vault, Biscuit Tin, shares her experience of her time in the Den and…
Look anywhere – the future is ‘aged tech’. But Scotland needs to be more adventurous
Scottish Care, as the representative body of independent social care providers of care home, care at home and housing support services, has been working over several years with colleagues in…
Women Lead: Engineer turned entrepreneur
We are always fascinated by other people’s stories. It’s how we connect, grow and learn from each other. Until very recently I always felt like I didn’t have a story to tell. Who…
‘Women – together we will change the dynamic in tech’
I was inspired to start a career in technology when personal computers were in their infancy and the internet decades away. My childhood dream of becoming a scientist was shaped by…
It’s time to change the future of tech apprenticeships – and we need your help
In his latest exclusive column for Futurescot, Ross Tuffee, chair of the Skills Development Scotland (SDS) Digital Economy Skills Group, calls on tech employers to get involved in shaping the…
What AI difference a year makes
Amazingly, it’s been one year since the publication of Scotland’s AI Strategy. And what a year it has been. Demanding but rewarding, with good progress made and great foundations laid…
International Women’s Day: It’s time to harness power of women in technology
As we celebrate International Women’s Day, I hope to be part of a future where barriers that prevent women from competing on a level playing field in the work environment…