What you need to consider:
- If you have fewer than 72 hours to respond, do you have a comprehensive backup strategy and response ready to counter these attacks?
- When was the last time you tested and verified the backup?
- Have you applied basic file blocking to prevent threats from entering your organisation? Certain file types can be a risk to your organisation. Ask yourself, "Should we allow all files or should we manage the risk by not allowing malicious files types that may cause an issue?"
4) We will have serious data trust issues
People will continue to be too trusting or fooled into thinking something is safe when it really isn't. For example, confidential data can be exposed, or made available, that looks like it comes from an organisation, when it was actually planted by a malicious party. Either way, there's a business reputational risk and a monetary price to pay.
For years, information security professionals have been focused on a model known as the CIA triad, which looks at Confidentiality, Integrity and Availability and is designed to guide policies for information security within an organisation. Many organisations have long looked at confidentiality as a means to protect their data from theft or availability as a means to ensure they can access their data or systems, but how much time has been spent focusing on the integrity of the data or systems?
Imagine a data project, years in the making, where the data an organisation has been collecting and analysing is corrupted. For example, a resource company that has invested heavily in research and development is prospecting for the next drill site where they collect petabytes of data, but an attacker manipulates the information, rendering it worthless. If the integrity of the data is manipulated, where a few bits of information are changed, the company might drill in the wrong spot, wasting time and money and potentially creating an environmental disaster. This could cause companies to make incorrect decisions with significant ramifications. The same could be said about cases where systems have been wiped after an attack, removing all traces that it happened.
Another frightening example is personalised medicine, where the genetic makeup of a person is known and so well-understood that, rather than doing trial and error on which medication works, doctors can tailor exactly the right mix and dosage. If an attacker changed the data on a program such as this, it not only has an impact on the effectiveness of the drug but also could have a lasting negative impact on patient, or even threaten their life, so the stakes are incredibly high.
So What Can Be Done?
Sign up for Computerworld eNewsletters.