A dreaded issues an IT team has to deal with is that of ransomeware. However, PETER ALEXANDER, CMO, Check Point, offers five tips on how to avoid it.
It’s the call that IT teams dread: an employee is reporting that their PC screen is flashing red, with a message telling them that their files are encrypted and that they need to pay a ransom to get them unscrambled. What should they do next?
The actions that the organisation takes over the next few minutes, and hours, will be critical in determining just how big – or small – an impact the cyberattack will have. What’s more, a cyberattack does not only negatively impact the company’s physical IT systems: it also causes stress and puts employees under pressure too.
A recent paper from the University of Haifa found that cyberattacks have a strong psychological impact on all staff, increasing their levels of anxiety, stress and panic – which can then lead to mistakes being made, and in turn further damage.
So how should organisations go about eliminating these human, panicky and emotional reactions to cyber incidents, and develop a more coordinated, conditioned response?
Training is never in vain
A key example is the rigorous training that airline pilots are given in dealing with unexpected events: they are provided with extensive checklists and procedures that cover virtually every eventuality, from running out of fuel, to engine failure, to structural damage. And those procedures are practiced again and again, both in simulators and in flight conditions, so that in a real-time emergency situation, their response becomes an automatic reflex action. The result is that when an incident happens, the first thing the pilot and co-pilot will do is turn off the warning alarm, so that they can think clearly and start running through the appropriate checklist.
Enterprises need to undertake similar, rigorous planning to help them respond quickly and accurately to breaches or attacks. They should prepare an incident response (IR) plan, and assemble an IR team that includes all relevant internal stakeholders – such as IT and security specialists, HR and PR teams, plus in some cases, specialist external resources. Also, preparation alone isn’t enough: the execution of the plan needs to be practiced, through realistic training drills.
To help organisations develop faster, more effective responses, here are five key steps that they should follow, whether in a training exercise or in the wake of a genuine incident.
- Recognize the incident is happening
The critical first step is for staff to take the attack seriously and move swiftly, but without panic. Think of the ideal response to a fire alarm in an office building: everyone should immediately stop what they are doing and make their way to the exits without pausing to gather their possessions or empty their desks. A cyber incident should be granted the same instant attention and focus. As soon as it is identified, all staff need to be alerted, smoothly and efficiently, and given clear, calm instructions as to what to do next, whether that is simply stepping away from their desks, or shutting down their PCs or devices.
- Gather the resources you need
This means mobilizing the security tools and technology, as well as the trained staff which make up your organization’s security infrastructure, and getting them to focus on mitigating the incident. Clearly, not all staff will need to be involved in this stage, so it’s all about pulling together the right experience and expertise – fast. Your IR plan should set out which personnel need to be involved, and if any external security resources are to be used.
Of course, assembling the combination of tools and talent isn’t cheap. But the investment and time required to build effective defenses is dwarfed by the real-world costs of cyberattacks, in terms of remediation of immediate damage and subsequent fallout. The NotPetya ransomware attack of summer 2017 was estimated to have cost global logistics firm FedEx $300M in lost revenue and clean-up costs, and pharmaceutical giant Merck & Co stated that NotPetya cost it around $135M. So with companies on average experiencing two cyberattacks per week which breach their defenses, it’s clear that it’s far better to invest in preventing attacks, than to pay the far higher costs for a cure after the fact.
- Execute your IR plan
This is the active stage, in which you should work through your IR plan step by step to determine what the nature of the attack is, how it breached your defenses, how it can be isolated, and how the damage can be remediated. For organisations that do not have an IR plan to hand, it may be best to call in external specialist help at this stage: but for the future, here’s a checklist of what the plan should include, and important do’s and don’ts to follow when preparing a plan for your organisation.
Too often, organisations stop at stage three. But communication regarding the attack is vital – not only to all your internal stakeholders and employees, but also where necessary to external stakeholders such as partners, customers and investors. This is becoming a regulatory requirement. All stakeholders, both inside and outside your organisation, need to understand what has happened and what the implications are for them – in language pitched at their level of technical understanding.
This is a specialist stage, which should be left in the hands of your communications team. The recent revelations about Uber’s 2016 cyberbreach and the subsequent cover-up are a lesson in how not to communicate – and the consequences that might follow.
Once again, this is a truly crucial element of IR that is too often neglected. Every cyberattack should generate serious lessons for the organisation in question. After an attack active steps should be taken to repair the vulnerability, modify and improve the exploited process, retrain any staff that may have made a mistake, and put in place, or update the existing IR plan. Inability to learn from and take steps to improve cyber protection after suffering an attack leaves the organisation vulnerable to a similar attack occurring again.
Effective incident response is about training and practice. Developing an IR plan and keeping it updated involves work and investment – but during a cyberattack, that investment will pay dividends. Whether you decide to handle your IR internally or draw on external expertise, it’s important to make a plan now, and test it against possible attack scenarios. This will help to eliminate panic during an attack, limit the damage and fall-out from the incident and get your business ‘back to normal’ as fast as possible.
3D printed room-service? Visit the hotel of tomorrow
To mark its 100th birthday, Hilton predicts the trends that will change travel and hospitality in the next 100 years.
Intergalactic getaways, fast-food nutrient pills, 2-3 hour working days and adaptable, personalised rooms that can transport guests everywhere from jungles to mountain ranges. These are some of the predictions for the next 100 years that the Hilton hotel group has put together in celebration of its 100th anniversary.
In a report supported by expert insight from the fields of sustainability, innovation, design, human relations and nutrition, findings reveal the impact of the growing sophistication of technology and climate change on the hotel industry in the future.
Key predictions for the hotel of the future include:
Personalisation is King
- Technology will allow every space, fitting and furnishing to continuously update to respond to an individual’s real-time needs – the Lobby will conjure up anything from a tranquil spa to a buzzy bar, giving every guest the perfect, personal welcome
- From temperature and lighting, to entertainment and beyond, microchips under the skin will enable us to wirelessly control the setting around us based on what we need, whenever we need it
The Human Touch
- In a world filled with Artificial Intelligence, human contact and the personal touch will be more critical and sought after than ever
- Technology will free up time for hotel staff to focus on what matters most: helping guests to connect with one another and building memorable moments
‘Sustainable Everything’ – The Role of Responsibility
- Only businesses that are inherently responsible will survive the next century
- Sustainability will be baked into everything about a hotel’s design – from weather-proofed domes, to buildings made from ocean-dredged plastic
- Hotels will act as the Town Hall of any community, managing local resources and contributing to the areas they serve with community-tended insect farms and vertical hydroponic crop gardens
Menu Surprises and Personalisation
- Our diets will include more plant-based recipes and some surprising sources of protein – Beetle Bolognese, Plankton Pies and Seaweed Green Velvet Cake will be menu staples!
- Decadent 3D-printed dinners and room service will provide unrivalled plate personalisation
- Chefs will be provided with biometric data for each guest, automatically creating meals based on preferences and nutritional requirements
Futuristic Fitness and Digital Detoxes
- Outswim a virtual sea turtle in the pool, or challenge yourself to climb the digital face of Mount Everest, your exercise routine will be as unique as you are. What’s more, exercise energy generated from workouts will be used to power the hotel, providing a zero-impact, circular system. Guests could even earn rewards based on reaching workout targets
- Pick up where you left off with trackable workouts and holographic personal trainers
- Offline will be the new luxury as we seek to find moments of tech-free time
“Since its inception in 1919, Hilton has pioneered the hospitality industry, introducing first-to-market concepts such as air-conditioning and in-room televisions. Last year, Hilton also became the first hospitality company to set science-based targets to reduce its environmental impact,” said Simon Vincent, EVP & President, EMEA, Hilton. “We enter our second century with the same commitment to innovation, harnessing the power of our people and technology to respond to guest demands. Our research paints an exciting future for the hospitality industry, highlighting the growing importance of human interaction in an increasingly tech-centric world.”
Futurologist Gerd Leonhard said: “In 2119 we will still be searching for unique experiences, but they will be more personalised than ever. As technology shapes our lives we will seek out moments of offline connection with others, including hotel team members who will help us truly get what we need from our stays. 100 years from now hotels will have to create opportunities to converse, collaborate and connect, delivering moments that matter, individually, to each and every guest.”
Gadget ed to chair Digital Council
Specialist financial services provider Sasfin Bank has established a Digital Advisory Council to provide the market with industry-leading expertise and insights on trends shaping the use of technology in financial services.
Digitalisation is one of the most powerful forces for change shaping Finance today. This has turned Fintech into one of the most vibrant sectors in both information technology and among start-ups, generating billions of dollars in investment and development globally. The South African fintech space is dynamic, and Sasfin is playing a leading role in the transformation of local financial services and the resulting enhancement of customer experiences.
“We have been investing in fintech development in-house and acquiring or integrating fintech start-ups,” says Sasfin CEO Michael Sassoon. “Over the last year we have built further digital offerings, integrated via APIs into leading businesses and invested in fintechs. We built and launched B\\YOND, an innovative digital business banking platform and SWIP, a digital wealth and investing platform. We have invested in Payabill, an online SME lender and DMA, a digital trading platform. We recently announced our alliance banking relationship, leveraging open banking, with Hello Paisa to offer seamless banking to the unbanked. We feel that there is a huge opportunity to improve the experience of South African businesses and savers through using technology. We have therefore created an independent forum to assess how to even better improve financial services for South Africans by leveraging the digital economy.”
Arthur Goldstuck, founder of high-tech research consultancy World Wide Worx, editor-in-chief of Gadget, and a globally respected technology analyst has accepted Sasfin’s invitation to head up the Sasfin Digital Advisory Council, an independent think tank that will help Sasfin and its clients decipher the fintech present and future.
“The Sasfin Digital Advisory Council is broader than providing only the bank with a source of insight on how digital services are evolving and lessons from across the world,” said CEO Michael Sassoon. “Sasfin has been involved in fintech investing for many years and we are leveraging this experience as well as the experience of independent experts such as Arthur to provide insights and guidance to interested stakeholders in this space.”
The team appointed to the Digital Advisory Council is being selected for the breadth and range of knowledge they would bring to the table, with further appointments to the Council being announced soon. There will also be room for the Council to co-opt specialist expertise as it is required.
Goldstuck, who has been covering the fintech sector as an analyst, commentator and columnist for many years, says he sees the role as a welcome challenge.
“There has been a long-standing need for a clear understanding of the impact being made by fintech today, and the exponential change it will cause tomorrow,” said Goldstuck. “My role will be, partly, to curate the wide spectrum of fintech and digitalisation knowledge and insights that the members will bring to the Digital Advisory Council, and help create scenarios that businesses and policymakers may use to navigate the future – both inside and outside Sasfin.”