Businesses that suffer ransomware attacks don’t always learn from the experience, and are often vulnerable to repeat exploits. This is a central finding by global network and endpoint security leader Sophos, from a survey called The State of Endpoint Security Today.
The survey polled more than 2,700 IT decision makers from mid-sized businesses in 10 countries worldwide, including the US, Canada, Mexico, France, Germany, UK, Australia, Japan, India, and South Africa. The survey concluded that, despite the high profile headlines of 2017, businesses are still not prepared to face today’s fast-evolving threats.
Ransomware continues to be a major issue across the globe with 54 percent of organizations surveyed hit in the last year and a further 31 percent expecting to be victims of an attack in the future. On average, respondents impacted by ransomware were struck twice.
“Ransomware is not a lightning strike – it can happen again and again to the same organization. We’re aware of cybercriminals unleashing four different ransomware families in half-hour increments to ensure at least one evades security and completes the attack,” said Dan Schiappa, senior vice president and general manager of products at Sophos. “If IT managers are unable to thoroughly clean ransomware and other threats from their systems after attacks, they could be vulnerable to reinfection. No one can afford to be complacent. Cybercriminals are deploying multiple attack methods to succeed, whether using a mix of ransomware in a single campaign, taking advantage of a remote access opportunity, infecting a server, or disabling security software.”
This relentless attack methodology combined with the growth in Ransomware-as-a-Service, the anticipation of more complex threats, and the resurgence of worms like WannaCry and NotPetya puts businesses in serious need of a security makeover, according to Sophos. In fact, more than 77 percent of those impacted by ransomware were running up to date endpoint protection, confirming that traditional endpoint security is no longer enough to protect against today’s ransomware attacks.
“Organizations of all sizes are starting 2018 with inadequate protection against ransomware, despite last year’s international headlines,” said Schiappa. “Given the ingenuity, frequency, and financial impact of attacks, all businesses should reevaluate their security to include predictive security technology that has the capabilities needed to combat ransomware and other costly cyber threats.”
According to those impacted by ransomware last year, the median total cost of a ransomware attack was $133,000. This extends beyond any ransom demanded and includes downtime, manpower, device cost, network cost, and lost opportunities. Five percent of those surveyed reported a $1.3 million to $6.6 million as total cost.
Two-Thirds of IT Admins Surveyed Don’t Understand Anti-Exploit Technology
IT professionals also need to be aware of how exploits are used to gain access to a company’s system for data breaches, distributed-denial-of-service attacks, and cryptomining. Unfortunately, Sophos’ survey revealed considerable misunderstanding around technologies to stop exploits with 69 percent unable to correctly identify the definition of anti-exploit software. With this confusion, it’s not surprising that 54 percent do not have anti-exploit technology in place at all. This also suggests that a significant proportion of organizations have a misplaced belief that they are protected from this common attack technique yet are actually at significant risk.
“The lack of awareness and lack of protection against exploits is alarming. We’ve seen a resurgence in cybercriminals looking for vulnerabilities to actively use in countless attack campaigns. Five or six years ago we saw one per year, and last year as many as five new Office exploits have been used for cybercriminal activity, according to SophosLabs,” said Schiappa. “When cybercriminals are deliberately seeking out both known and zero-day vulnerabilities and an organization has a deficit in defenses, it adds up to a bad security situation.”
Intrusions from exploits have been happening for years but are still a prominent threat and often go undetected for months, if not years. Once inside a system, cybercriminals use complex malware that can hide in memory or camouflage itself. In many cases, businesses do not know they’ve been breached until someone finds a large cache of stolen data on the Dark Web.
“It’s time to disrupt these intrusions,” said Schiappa. “Since traditional endpoint technologies are often unable to keep up with advanced exploit attacks used to compromise a system, Sophos has added predictive, deep learning capabilities to the newest version of its next-generation endpoint protection product, Sophos Intercept X.”
Although 60 percent of respondents admitted their endpoint defenses are not enough to block the attacks seen last year, only 25 percent have predictive threat technologies, such as machine or deep learning, leaving 75 percent vulnerable to repeated ransomware attacks, exploits, and evolving advanced threats. Sixty percent plan to implement predictive threat technology within a year, yet confusion about it persists. Of those surveyed, 56 percent admitted that they do not have a full understanding of the differences between machine learning and deep learning.
“Given the speed at which cyber threats have evolved it is not surprising that many IT managers are unable to stay ahead of the next-generation technology required for security. Yet this knowledge gap could be placing operations at risk. Organizations need effective anti-ransomware, anti-exploit, and deep learning technology to stay secure in 2018 and beyond,” said Schiappa.
The State of Endpoint Security Today survey was conducted by Vanson Bourne, an independent specialist in market research. This survey interviewed 2,700 IT decision makers in 10 countries and across five continents, including the US, Canada, Mexico, France, Germany, UK, Australia, Japan, India and South Africa. All respondents were from organizations of between 100 and 5,000 users.
IoT at starting gate
South Africa is already past the Internet of Things (IoT) hype cycle and well into the mainstream, writes MARK WALKER, associate vice president of Sub-Saharan Africa at International Data Corporation (IDC).
Projects and pilots are already becoming a commercial reality, tying neatly into the 2017 IDC prediction that 2018 would be the year when the local market took IoT mainstream. Over the next 12-18 months, it is anticipated that IoT implementations will continue to rise in both scope and popularity. Already 23% are in full deployment with 39% in the pilot phase. The value of IoT has been systematically proven and yet its reputation remains tenuous – more than 5% of companies are reluctant to put their money where the trend is – thanks to the shifting sands of IoT perception and success rate.
There are several reasons behind why IoT implementations are failing. The biggest is that organisations don’t know where to start. They know that IoT is something they can harness today and that it can be used to shift outdated modalities and operations. They are aware of the benefits and the case studies. What they don’t know is how to apply this knowledge to their own journey so their IoT story isn’t one of overbearing complexity and rising costs.
Another stumbling block is perception. Yes, there is the futuristic potential with the talking fridge and intelligent desk, but this is not where the real value lies. Organisations are overlooking the challenges that can be solved by realistic IoT, the banal and the boring solutions that leverage systems to deliver on business priorities. IoT’s potential sits within its ability to get the best out of assets and production efficiencies, solving problems in automation, security, and environment.
In addition to this, there is a lack of clarity around return on investment, uncertainty around the benefits, a lack of executive leadership, and concerns around security and the complexities of regulation. Because IoT is an emerging technology there remains a limited awareness of the true extent of its value proposition and yet 66% of organisations are confident that this value exists.
This percentage poses both a problem and opportunity. On one hand, it showcases the local shift in thinking towards IoT as a technology worth investing into. On the other hand, many companies are seeing the competition invest and leaping blindly in the wrong direction. Stop. IoT is not the same for every business.
It is essential that every company makes its own case for IoT based on its needs and outcomes. Does agriculture have the same challenges as mining? Does one mining company have the same challenges as another? The answer is no. Organisations that want their IoT investment to succeed must reject the idea that they can pick up where another has left off. IoT must be relevant to the business outcome that it needs to achieve. While some use cases may apply to most industries based on specific circumstances, there are different realities and priorities that will demand a different approach and starting point.
Ask – what is the business problem right now and how can technology be leveraged to resolve it?
In the agriculture space, there is a need to improve crop yields and livestock management, improve farm productivity and implement environmental monitoring. In the construction and mining industry, safety and emergency response are a priority alongside workforce and production management. Education shifts the lens towards improving delivery and quality of education, access to advanced learning methods and reducing the costs of learning. Smart cities want to improve traffic and efficiently deliver public services and healthcare is focusing on wellness, reducing hospital admissions and the security of assets and inventory management.
The technology and solutions selected must speak to these specific challenges.
If there are no insights used to create an IoT solution, it’s the equivalent of having the fastest Ferrari on Rivonia Road in peak traffic. It makes a fantastic noise, but it isn’t going to move any faster than the broken-down sedan in the next lane. Everyone will be impressed with the Ferrari, but the amount of power and the size of the investment mean nothing. It’s in the wrong place.
What differentiates the IoT successes is how a company leverages data to deliver meaningful value-added predictions and actions for personalised efficiencies, convenience, and improved industry processes. To move forward the organisation needs to focus on the business outcomes and not just the technology. They need to localise and adapt by applying context to the problem that’s being solved and explore innovation through partnerships and experimentation.
ERP underpins food tracking
The food traceability market is expected to reach almost $20 billion by 2022 as increased consumer awareness, strict governance requirements, and advances in technology are resulting in growing standardisation of the segment, says STUART SCANLON, managing director of epic ERP
Just like any data-driven environment, one of the biggest enablers of this is integrated enterprise resource planning (ERP) solutions.
As the name suggests, traceability is the ability to track something through all stages of production, processing, and distribution. When it comes to the food industry, traceability must also enable stakeholders to identify the source of all food inputs that can include anything from raw materials, additives, ingredients, and packaging.
Considering the wealth of data that all these facets generate, it is hardly surprising that systems and processes need to be put in place to manage, analyse, and provide actionable insights. With traceability enabling corrective measures to be taken (think product recalls), having an efficient system is often the difference between life or death when it comes to public health risks.
Sceptics argue that traceability simply requires an extensive data warehouse to be done correctly, the reality is quite different. Yes, there are standard data records to be managed, but the real value lies in how all these components are tied together.
ERP provides the digital glue to enable this. With each stakeholder audience requiring different aspects of traceability (and compliance), it is essential for the producer, distributor, and every other organisation in the supply chain, to manage this effectively in a standardised manner.
With so many different companies involved in the food cycle, many using their own, proprietary systems, just consider the complexity of trying to manage traceability. Organisations must not only contend with local challenges, but global ones as well as the import and export of food are big business drivers.
So, even though traceability is vital to keep track of everything in this complex cycle, it is also imperative to monitor the ingredients and factories where items are produced. Having expansive solutions that must track the entire process from ‘cradle to grave’ is an imperative. Not only is this vital from a safety perspective, but from cost and reputational management aspects as well. Just think of the recent listeriosis issue in South Africa and the impact it has had on all parties in that supply chain.
Thanks to the increasing digital transformation efforts by companies in the food industry, traceability becomes a more effective process. It is no longer a case of using on-premise solutions that can be compromised but having hosted ones that provide more effective fail-safes.
In a market segment that requires strict compliance and regulatory requirements to be met, cloud-based solutions can provide everyone in the supply chain with a more secure (and tamper-resistant) solution than many of the legacy approaches of old.
This is not to say ERP requires the one or the other. Instead, there needs to be a transition provided between the two scenarios that empowers those in the food supply chain to maximise the insights (and benefits) derived from traceability.
Now, more than ever, traceability is a business priority. Having the correct foundation through effective ERP is essential if a business can manage its growth and meet legislative requirements into the future.