Date: 2021-03-23

Earlier in 2021, we heard from a customer—a regional blood center—that found itself on the receiving end of a perfectly executed ransomware attack. Fortunately, this customer was already vigilant about the need to ensure they could recover business data in the event of a failover and had invested in our backup recovery software offering. But attackers today are increasingly sophisticated and despite the blood center’s disaster-recovery protocols, they were still vulnerable to a ransomware attack. By the time IT discovered the breach, the intruders were already in the network.

With the evolution of virtual work over the past year, we’ve heard many comparable stories from our SMB (small and medium business) customers. Here are some lessons I’ve learned from our customers on how to adapt and become cyber resilient.

CYBER ATTACKS ON THE RISE DURING COVID-19

Ransomware, and the many other forms of malware, phishing, and social engineering all predate the pandemic. But data from the past year shows an explosive growth in cyber attacks. According to our latest Webroot report, “How Phishing Capitalized on a Global Crisis,” there was a 2,000% spike in malicious files with “zoom” in their filename from February and March 2020. And in just the first four weeks of 2021, we saw a 22% increase in malicious domains relating to COVID-19 and vaccines over the previous 30 days.

There’s no mystery about these trends. The proliferation of virtual work has meant an explosion in new endpoints—personal laptops connected through residential ISPs, VPNs, home Wi-Fi, potentially unsecured video-conferencing platforms, and all manner of personal devices accessing corporate networks. We know that companies of all sizes have hustled to digitize all aspects of their operations, but for SMBs this transformation has been vital to their continuing survival during the last year. From a cyber resilience perspective, this was a perfect storm, and a massive shift to which our customers have had to adapt.

HOW OUR CUSTOMERS HAVE ADAPTED

The response has been substantial, with 96% of U.S. executives surveyed planning to shift their cybersecurity strategy due to COVID-19, and increasing the resources allocated to this kind of risk management.

We’ve heard similar experiences from both owner-operators and senior executives who suddenly found themselves managing a virtual workforce. How can SMBs assign responsibility for and ensure cyber resilience when people are remote? They’ve all seen those Wall Street Journal stories about organizations that have been crippled by a seemingly innocuous email, and, from what we hear, it’s become one of the concerns that really keeps them up at night.

In the case of our customer, they were ahead of the curve, having worked with us to establish cloud-based backup and restore capability. By having ready access to a recent copy of their systems, they could walk away from their locked-up system and resume operations without major impact to their business and their customers. But what this example also shows is the increasing need for organizations to invest in a multi-layered approach to becoming cyber resilient: backup, train, block, protect, and restore. Adopting a defense-in-depth approach to cyber resilience—putting in place these multiple layers—can greatly reduce the likelihood of these kinds of attacks ever taking place.

TRAINING FOR CYBER RESILIENCE

As the five elements of cyber resilience suggest, technology solutions are necessary, but they are only one piece of the puzzle. Training and education are equally critical. As employees access systems and data remotely, and SMBs are still on a learning curve with new digital systems, training has never been more important. The data from our recent Webroot survey reinforces the importance and impact of ongoing training. For example, in a training situation, 11% of people on average will click on the simulated phishing link during the “first campaign.” That figure drops to 8% in the second campaign, and by the 11th it’s down to just 5%. That’s a significant reduction in click-through rate from training alone.

