PR Blogs

IT Security Blogs

11 August, 2019 By benelux

[wpv-view name=”pr-blogs”]

it-sa 2018: The Home of IT-Security – DACH Exhibition Highlight

5 December, 2018 By Helmut Weissenbach

[et_pb_section bb_built=”1″ admin_label=”section”][et_pb_row admin_label=”row”][et_pb_column type=”1_2″][et_pb_image admin_label=”Image Blog 1000 px wide” _builder_version=”3.17.2″ src=”https://coderedpr.wpengine.com/wp-content/uploads/2018/12/it-sa-2018-1.jpg” alt=”it-sa 2018″ title_text=”it-sa 2018″ /][/et_pb_column][et_pb_column type=”1_2″][et_pb_text use_border_color=”off” border_color=”#ffffff” border_style=”solid” _builder_version=”3.17.2″]

Why it-sa 2018, the world’s largest IT Security Trade Fair, is a “must-attend” for Security Vendors that want to be successful in the DACH Market.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row][et_pb_column type=”4_4″][et_pb_text _builder_version=”3.17.2″]

By: Dorothea Keck, Account Director, Weissenbach PR

In 1999, when the topic of IT security was far from being as important as it is today and the number of security providers was still manageable, when no one was talking about cloud, the IoT or ransomware attacks, the it-sa then started as a small specialized IT security conference and exhibition integrated as part in the IT and Telco trade fair SYSTEMS in Munich. As we all know, these times are long gone and so, paralleled with the dynamic development of the IT security industry, the it-sa has undergone an enormous transformation process within the last 20 years. In 2018, at its tenth anniversary at the present location Nuremberg in Northern Bavaria, the trade fair has set some new amazing records: With 696 exhibitors from 27 countries and the attendance of nearly 15,000 visitors from more than 50 countries, the it-sa 2018 is the largest IT security trade fair of the world. Compared with the world´s most relevant IT Sec exhibitions, the it-sa even beat RSA San Francisco and Infosecurity London with “only” 600 respectively 400 exhibitors this year.

Meet real cybersecurity decision-makers at just one event
For us as a cybersecurity specialized PR agency, the it-sa has long been the most important trade fair and congress of the year, and so it is for all our clients. But the reason why it-sa is a must-attend for all security vendors that want to win the DACH market, is of course not just the pure size of the trade fair but its quality. The most important reason to spend money and engage as a sponsor, speaker or exhibitor at it-sa is certainly the quality of the visitors, and thus the opportunity to generate real and promising leads. Our own observations, but above all the feedback from our clients, has shown that it-sa has become a platform for IT decision-makers, CIOs and employees with managerial responsibility. This fact is also confirmed by the it-sa statistics. 84% of the visitors in 2018 are involved in purchasing decisions in their company and therefore these are interesting prospects for our clients. As a matter of fact, the it-sa again differs from many other large security exhibitions in Europe and around the world, where often one can find hordes of the visitors who mainly zero in on giveaways.

Meet the leading journalists from all over Europe within only 4 days
Besides generating leads by presenting your products and solutions at the booth, in presentations and panel discussions, the it-sa also provides a platform for extensive media and analyst relations. As a meeting place for leading journalists, blogger, influencer and analysts from all over DACH and even Europe, the it-sa offers opportunities for in-depth media briefings, interviews, analyst meetings, media webcasts, podcasts etc. like no other event or congress does. This is a chance vendors must not miss.

This year, our agency team was able to arrange and manage an average of 14 interviews and analyst meetings for each of our clients who attended. Besides exciting meetings at the booths and the opportunity to initiate long-lasting and valuable relationships with the journalists, these interviews resulted in excellent coverage including the publication of webcast videos which significantly increases visibility in the media.

Good preparation = great PR success
Good preparation is the key for our clients’ success in every respect and especially regarding PR. We therefore develop individual it-sa plans for each client months before the event and start our activities at an early stage. This includes producing a number of press releases to announce our client’s attendance, the application for speaker slots, drafting award submissions for the it-security awards, identifying media sponsor opportunities, organizing press conferences at the exhibition, reaching out to journalists and analysts to arrange meetings and briefings and posting on social media during the event.

The weeks before it-sa and above all the four days at Nuremberg itself are a stressful time for both our agency team and the spokes people of our clients – but meeting interesting people, having the opportunity to attend outstanding key notes and especially the great PR success achieved following it-sa is definitely worth the effort. So we are looking forward to a successful it-sa 2019.

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

CSAN shows opportunities in Cyber Security in the Netherlands

9 August, 2018 By benelux

[et_pb_section bb_built=”1″ admin_label=”section”][et_pb_row admin_label=”row”][et_pb_column type=”1_2″][et_pb_image admin_label=”Image Blog 1000 px wide” _builder_version=”3.11.1″ src=”https://coderedpr.wpengine.com/wp-content/uploads/2018/08/csan.jpg” alt=”csan” title_text=”csan” /][/et_pb_column][et_pb_column type=”1_2″][et_pb_text use_border_color=”off” border_color=”#ffffff” border_style=”solid” _builder_version=”3.11.1″]

The National Coordinator for Security and Counterterrorism (NCTV) of the Netherlands published it’s Cyber Security Assessment Netherlands 2018 (CSAN 2018) report. In it, the CSAN re-emphasizes and underscores the need for Dutch organizations to invest in digital security. Cyber Security vendors should stand shoulder to shoulder with the NCTV in raising awareness about the risk Dutch organizations and society are exposed to, as well as about the solutions available to mitigate these.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row][et_pb_column type=”4_4″][et_pb_text _builder_version=”3.11.1″]

By Paul Zeebregts, Zeekhoe Communicatie

According to the CSAN, “the scope and severity of digital threats facing the Netherlands are still considerable and continue to evolve”. The NCTV finds that Dutch security remain under constant threat of digital attacks. “The Dutch economy and broader Dutch society have become entirely dependent on digital resources. Attacks and outages can have major consequences, potentially disrupting society itself”, says the CSAN.

Download the Cyber Security Assessment Netherlands 2018

For Cyber Security vendors, the CSAN offers insights into the opportunities that lie in the Dutch marketplace. “The digital threat is permanent, as cyber attacks are profitable, simple to execute and involve little risk for attackers”, the CSAN states. “In light of recent geopolitical developments, state actors are expected to continue using such digital attacks and may even opt to do so on a greater scale.”

Cybercrime continues
Professional criminals continue to be a major threat to Dutch society, according to CSAN. “Cyber attacks with a major societal impact can be perpetrated with relatively few resources. Perpetrators can carry out attacks without any need for large-scale capabilities; they can simply purchase them externally. This became clear in January, when the DDoS attacks plaguing several banks turned out to have been carried out with a simple bought-in attack.”

Lack of basic measures
Cyber Security vendors can profit from the fact that, according to the CSAN, many organizations in the Netherlands fail to implement the basic measures needed to repel cyber attacks. “This concerns basic measures such as the timely installation of updates or prevention of flaws in configurations. For example WannaCry and BadRabbit exploited known vulnerabilities and could have been prevented if the necessary security updates had been installed. Insecure products and services make life easier for attackers. As the recent period has shown, organizations could have prevented incidents and mitigated damage by ensuring that their basic security was properly in place.”

Cyber Security vendors: take heed!

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

Mergers and Acquisitions Communication, part II: Looking Inward

9 March, 2018 By Dan Chmielewski

[et_pb_section bb_built=”1″ admin_label=”section”][et_pb_row admin_label=”row” background_position=”top_left” background_repeat=”repeat” background_size=”initial”][et_pb_column type=”4_4″][et_pb_text background_layout=”light” use_border_color=”off” _builder_version=”3.0.106″]

In part I of this series of blogs on Mergers and Acquisitions Communications, I discussed several external questions on communicating being acquired by, or acquiring a, company were addressed. When there are mergers and acquisitions, sometimes the most important public is overlooked when preparing communications plans – employees. If you leave communicating the acquisition to Human Resources alone, you’ve made a grave mistake. PR professionals can help craft answers to the questions everyone has from either side of an acquisition.

By: Dan Chmielewski, Director at Madison Alexander

Internal Questions
Many of the external questions about mergers and acquisitions will also be shared with an internal audience. To make it easy, the internal questions are broken down to “us” and “them” categories (and some of those questions are also the same, where the answers might be different).

In many cases, the answers are specific to the particular individual, so small group meetings or even individual meetings between employees and managers should be held to address more specific, individual questions.

Create specific plans if the elimination of a product line is planned or certain individuals are targeted for layoff. Human Resources and Sr. Management need to work together to communicate these intentions following mergers and acquisitions to those affected and offer appropriate severance packages and/or bonus packages to keep employees on until the deal closes.

Us/Internal

Why are we buying this company?
How will this company be integrated into our business?
Does this acquisition affect the projects I am working on? How?
Is my job safe? This is actually the top question for a number of employees and the leading source of “grapevine” rumors that can hurt.
Will I be getting more responsibility?
Will I be getting more resources/budget to handle additional responsibility?
Are we looking to buy any other companies?
Explain why this is a good deal for the company.

Them/Internal

Why are we being acquired instead of going IPO?
Why is this deal good for us?
Who is the acquiring company? Tell me more about them?
What will the new organizational structure be?
Is my job safe? What is my career path?
Am I still reporting to my boss?
What changes will happen here?
What happens to my product line?
What happens to my customers?
What does this deal mean to my options/compensation/benefits?
When will this be completed?

Meet Dan at Code Red.

Mergers & Acquisitions Communications: The PR Challenge

9 February, 2018 By Dan Chmielewski

When you work with start-ups and innovators, it’s typically a matter of time until a larger company decides to acquire them or they buy a smaller technology concern to grow. There’s a right way and wrong way to handle the announcement of mergers or acquisitions.

By: Dan Chmielewski, Director at Madison Alexander

In many ways, the communications to the internal audiences is more important than the external news. Mergers or acquisitions are always a reminder that audiences other than the media are often more important. Below, there’s a checklist of questions that must be addressed when announcing mergers or acquistitions even if the answers are not readily available, along with recommendations for the procedures involved in the announcement. Disclosure is always tricky in announcing mergers or acquisitions. Companies need to retain their best talent. It’s important to communicate to employees, partners, or suppliers disclosed early about the consequences of violating disclosures. Managing the grapevine is never easy. Proactivity is always the way to go and keeping disclosures to those who need to know is critical. Upon disclosing either party’s PR firm, it’s important to find out if client conflict exists. Ultimately, the acquiring party makes the decision on who is handling what.

External Questions

What company are you acquiring?
Why are you buying them?
How is the deal being financed and how much is the deal through?
When will the acquisition hit the company’s books (which quarter) and how will you report earnings going forward (for public companies only)?
Why is this a good acquisition?
Why is this good for the acquired company?
What is your expectation of the potential revenue you will generate from the new acquisition?
When will this deal close?
Who will manage the new acquisition?
How will this addition change your combined business moving forward?
What is the business model moving forward? How will you integrate the two companies?
Does this acquisition create new markets for you?
Does this acquisition bring new products/technologies to the product set?
Will any products be discontinued?
Are you planning any job cuts to eliminate redundant positions/functions? How many? And where (where means both geographically and within company departments) will these cuts be made?
What do you expect the new headcount to be?
Will you be acquiring any other companies or products in the immediate future?
Which companies will be the principal competition for the new combined company?

Every deal is unique. These questions are designed to get the communications process around mergers or acquisitions started. The questions can be added to or deleted if not relevant, and the recommended procedures are subject to change based on time and technology. Part II covers internal communications inside the organizations.

Part II covers internal mergers and acquisitions communication for organizations.

Meet Dan at Code Red.

‘Tis the Season to be… Quiet? Times to stall PR efforts in certain regions

24 January, 2018 By benelux

As the Netherlands grinds to a halt during the upcoming Carnaval week, I wondered if other countries and regions have similar times or events when PR efforts will fall on deaf ears. A quick poll among my fellow Code Red participants provided some interesting local insights.

By: Paul Zeebregts, Director at Zeekhoe Communicatie

Here in the Netherlands, the festivities of ‘Carnaval’ are upon us. Carnaval, also known as ‘Mardi Gras’ or ‘Fat Tuesday’, is more than a one-day event in our region. Especially in the south of the Netherlands, which is traditionally Catholic, every year in late February or early March, depending on the timing of Easter, Carnaval is a pre-Lent celebration. For 4 days prior to the Wednesday that marks the start of Lent (also known as Ash Wednesday), the public in the southern Netherlands, Belgium and some parts of Germany, take to the streets (and bars!) in colourful and strange costumes, wearing wigs, make-up and masks for a massive party. There are parades in almost every town and city, and people are literally dancing in the streets. Most of all, Carnaval is supposed to be one big last brawl before Lent prohibits the consumption of food and alcohol. However, very few people observe Lent during the following 40 days.

It is virtually impossible to reach anyone during Carnaval in the southern Netherlands. Many people take days off for the celebration and some companies close their doors altogether. The rest of the country doesn’t partake in these festivities but does enjoy what they call ‘Spring Vacation’. They do so predominantly on the ski slopes of Germany, Austria, Italy and France, so where the streets in the southern Netherlands are packed, those in the north are half empty.

Carnaval, as you can imagine, is not a great time to publish your news in the Netherlands. As a PR agency, we strongly advise our clients to hold off with their press releases until the festivities have ended. In other regions, other times and events are also not suited for your PR campaigns, as a number of participants in the Code Red Network tell me.

Vernon Saldanha of Procre8 in Dubai, UAE: “Most tech journalists in the Middle East tend to be expats which is why our region seems to face an annual Christmas exodus. As such, December is a slow news month and unless a client has some very ‘significant’ news, I wouldn’t recommend making any announcements, arranging events, or pitching media round-tables.”

The Christmas slowdown is second only to the Muslim Holy Month of Ramadan which is observed in the region for obvious reasons, says Saldanha. “During this 40-day period of fasting, most businesses work shorter hours (to accommodate those that are fasting) and as such business does tend to grind to a snail’s pace. Ramadan does not follow the Roman calendar and depends on the sighting of the moon which is why it moves each year. I would recommend speaking to your PR agency at the start of the year and budget this slowdown in to your PR plans for the region.”

According to Virginia Frutos of Everythink PR Boutique in Madrid, Spain, the Christmas Season is especially long in her region. It runs the entire ‘Twelve Days of Christmas’, from December 24 to the day of the Three Wise Kings (January 6th). “The focus of PR is consumer’s and the seasonal topics. The same happens in the summer, when the vacation season is spread from July to September. If we are thinking about product launches or events during these times, it is a big NO in our market. However, if we want to talk about safe shopping (Christmas sales), security trends, Wi-Fi connections in airports, summer holidays and traveling… this can be the time to get the message across, specially through TV and radio.”

“If we consider general information newspapers, in the Christmas context we have a good opportunity to talk about what is coming in 2018. We’ll publish forecasts and insights in how cybersecurity/cybercrime/ransomware is going to be part of people’s daily life. This is an excellent time to talk about the future, such as the developments in the internet of things and visions related to robots, home automation, self-driving cars and, of course, how to optimize the security of this all!”

Elaine Banoub of Primary Communication in Surrey Hills, Australia, tells me the later in the year it gets, the worse the timing is for making a major PR announcement in Australia. “As a rule of thumb, the cut-off point for pre-planned announcements should be late November. Australian journalists will typically cover stories for January onwards from this time, so ideally any announcements made at the tail end of this period won’t be time-sensitive.”

Additionally, many Australian businesses close from around mid-December through till mid-January, says Banoub. “Any major PR announcements during this period can mean that it can get lost in the wash of holiday stories. And sometimes it can have a negative impact – announcing something not directly tied to the holidays during this period can give the impression that an organization/business is trying to hide something from the public. This may not be the case, but perception is everything in PR!”

Banoub points out that there are two major exceptions: “The first is if a client has a consumer campaign that’s directly tied to the holiday season. The second is when a client is releasing predictions for 2018. Towards the end of the year, the Australian media thrive on articles based around this kind of material; if it’s pushed out to the right outlets, it can deliver an end-of-year PR coup with good exposure for the brand.”

In the Nordics, the holiday season is also not the best time to share news, says Susan Rose of Susan Rose Communication in Stockholm, Sweden. “It would be a waste of good resources. The worst time to make a major PR announcement is the last week before Christmas until mid-January. In the summer, interest in news slows down from the start of Summer on June 21 until the middle of August. In July, however, NOBODY cares about any news.”

In Israel, some global holidays are observed, but Anat Messing of Wanaka PR in Ramat Gan, Israel, tells me the Jewish calendar offers its own unique holiday seasons. “At Christmas and New Year business is as usual. However, there are two seasons when things slow down significantly. The first is in September-October, when we celebrate three different holidays during a period of almost a full month. The second is one week in April, during Passover. Usually the market becomes very slow during these periods and many people travel in and out of the country. Sometimes, from September to October, people may leave for an entire month. Therefore, while it is not advisable to come up with important news during these times.”

Messing points out that these ‘slow times’ offer great PR opportunities as well. “It can be a good time to publish less important content. Also, many journalists are out of the office and by-lines or press releases can fill the gaps. That provides our clients with the opportunity gain valuable exposure they wouldn’t get on a regular business day.”

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

Industry 4.0 and Blueprints for Security and Safety in Korea

23 January, 2018 By June Cha

Sectoral blueprints have emerged to cope with the industry 4.0 in Korea under the slogan “People-centric and participatory industry 4.0 to address both social issues and economic growth”.

By Kwon June, journalist of Security World

This plan lays out the big picture envisioned by the new government of Korea to support ‘innovative growth’, one of the core policies of the government, and to promote the ‘human-centered’ industry 4.0 that everyone can participate in and benefit from. Especially, it is meaningful in that it suggests the blueprints for the five-year term of Moon’s government to obtain the kind of transformation as well as achievements that can be understood by the people beyond general approaches through collaboration among ministries and Presidential Committee on The fourth industrial revolution.

The government’s response plan aims to complete the intelligent revolution project (12 tasks), secure technical competitiveness, create industrial ecosystems and cope with social changes, and suggests specific action tasks for these four sectors.

First of all, in the sector of ‘Intelligent Innovation’, 12 projects are proposed to intelligently guide the productivity and global competitiveness of industry, while increasing the quality of life and creating economic drivers. The target year for each project is set to 2022.

With regard to security and safety, it is included that sustainable smart city models and the autonomous control-based intelligent smart home are to be promoted to address urban issues and thus drive innovations in a life from households.

World-class cutting edge smart cities are planned on new sites, breaking from the conventional u-City initiatives merely focusing on facility management. Also, a ‘New Deal for smart urban rehabilitation’ is to be promoted based on smart technologies for solving urban problems by 2022. The plan also includes a strategy to upgrade the existing smart home, which has been widely applied for the remote control of home electronics and lightings to a new intelligent, autonomous technology.

Also, when it comes to ‘Transportation’, the plan proposes the expansion of intelligent traffic signal systems and the enhancement of traffic risk forecasting and an alert service that together will seek to reduce traffic congestion and accident rates by 10% and 5%, respectively.

In the ‘Vehicle’ sector, the drone market is expected to grow 20 times through a series of projects including the commercialization of autonomous vehicles for high-way use, promotion of industrial drones and introduction of autonomous ships. This plan also includes a series of plans to support the handicapped.

Especially, the initiatives to secure the competitiveness of the drone industry aim to foster industry-leading technology for autonomous drones, nurture industrial drones, and construct flight examination centers by regions.

For ‘Safety’ sector, smart facility management is to be fostered, especially focusing on worn-out facilities and artificial intelligence-based crime analytics; and the provision of safe, optimal routes are also featured. These measures aim to increase the crime detection rate from 83.99% in 2016 to 90% and reduce the maritime accident rate by 30% by 2022.

To this end, intelligent CCTV, AI-based crime analytics and autonomous patrol and tracking systems enabled by drone are to be promoted and evaluated in crime-prone areas.

Finally, in the ‘Defense’ sector, intelligent border surveillance is to be further disseminated and an AI-based intelligent command system will be introduced aiming to increase the unmanned surveillance rate by 25% by 2025, to cope with the expected reduction of troop resources.

For securing ‘Technical Competitiveness’, 2.2 trillion won will be invested in the R&D sector of intelligent technologies, while researcher-oriented R&D will be fostered to promote and gather creative and challenging researches.

To create ‘Industrial Ecosystems’, the government plans to introduce 5G for the first time in the world (By March 2019), foster big data centers in each core industry, introduce regulation sandboxes (2018~), redesign the regulatory system to propel innovation-friendly sectoral regulations, raise an innovation venture fund worth 10 trillion won and relax the eligibility criteria regarding government purchase (From 12% in 2016 to 15% by 2022) in industry 4.0.

Especially, sectoral big data centers and public big data centers will be set up for 10 major industries including finance and transportation to establish private/public sector data and thus to enhance the data basis, a necessary resource in the era of the industry 4.0. In order to make the data public for AI training and to foster the utilization of de-identified personal information, specific strategies will be developed by reflecting public opinion and will be prepared by the end of this year

This is seen as a policy that will establish concrete measures within this year without putting off pending, controversial issues pertaining to the de-identification of personal information to next year.

Finally, to cope with ‘Social Changes’, the government will nurture 4,600,000 experts in intelligence technology, while promoting versatility in professions and stabilizing job safety by, for instance, expanding employment insurance.

In particular, as threats posed by intelligent hacking increase, the government plans to enhance the cyber safety network by 2018 by, for instance, establishing cyber-threat big data centers and to establish the ethics charter on AI technology to prevent adverse effects and malfunctions of AI.

The comprehensive plan will be implemented as a package to support the linking of ‘technology, data, infra, promote diffusion and institutional improvement in order to go beyond the conventional support initiatives that merely foster technologies and focus on industrial support. The government will serve as a facilitator to improve the market environment and thus maximize the innovation capability of the private sector, while leading investment from the private sector through preemptive adoption in the public sector.

In addition, the government has developed a policy brand called ‘I-Korea 4.0’ to increase public accessibility to the relevant policies. I-Korea 4.0 is regarded as a policy befitting a new generation that carries on the legacy of the previous governments’ successful policies such as e-Korea (2002) and u-Korea (2006).

The word ‘I’ means Intelligence, Innovation, Inclusiveness and Interaction, and ‘4.0’ means that to cope with industry 4.0, the 4 I’s and 4 strategies.

Meanwhile, with regard to the sectoral key tasks, the task-specific strategies will be formulated by the ministries in charge and given shape through a series of public hearings and discussions led by Presidential Committee on The fourth industrial revolution and deliberations conducted by the Innovation Committee, Special Committee and the Whole Committee.

Click here for more blogs by PR Experts.

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

Cyber security threats to Australian businesses: the top 3

8 November, 2017 By Elaine Banoub

In the era of the internet, protecting an organisation’s information has become just as
important as setting up business capital. Information is considered the lifeblood of a successful and profitable business. Throughout Australia, organisations are constantly adopting innovative cyber security and privacy safeguards to manage threats and achieve competitive advantages. With the increasing volume of data being produced and stored, SMBs and large corporations are now prioritising the adoption of security policies around how their information is stored and secured.

By Elaine Banoub, Primary Communication

Developing proper policies minimises risks and prevents incidents. With this in mind, we’ve identified three of the current biggest cyber security risks for Australian businesses.

1. Security is a moving target with the adoption of IoT
Cyber security breaches are likely to increase as connected devices proliferate the market. Gartner forecasts that 8.4 billion internet-connected devices will be in use worldwide in 2017, up 31 per cent from 2016, and will reach 20.4 billion by 2020.

Each of these devices presents a potential cyber security loophole in a wider IT infrastructure. Given their increasing reliance on internal computers and internet connectivity, everyday devices like factory equipment, mobile phones, cars, air conditioning and hearing aids could find themselves increasingly at risk of cyberattack.

This risk is particularly concerning for healthcare. Worries have been raised around the possibility of people having personal medical devices (such as pacemakers) hacked, particularly as they begin to feature more online integration.

It’s apparent that there needs to be an increased level of investment in IoT security as soon as possible. IT managers need to be taking stock of IoT devices in the office, and looking to minimise risk through any means possible.

2. Ransomware will continue as a growing threat
Ransomware is a surprisingly old technology, dating back to the late 1980s. But it’s only recently that the public have become widely aware of the threat it can pose to businesses and personal users alike. This year’s WannaCry ransomware strain affected hundreds of thousands of computers the world over, making huge headlines in the process.

While Australia was only minimally affected by the WannaCry strain, around a month later a different strain called “Petya” hit our shores. This was significantly more disruptive; unlike most ransomware, which typically relies on people inadvertently running malicious software, Petya was able to run legitimate IT administration tools, grabbing key passwords and data for system access in the process.

Three Cadbury factories and law firm DLA Piper had their operations knocked out as a result of the attack; although 11 successful attacks were initially reported, it’s quite possible that there were more successful attacks which went unreported for fear of reputational damage.

Ultimately, both WannaCry and Petya shone worrying spotlights on how easily system vulnerabilities can be exploited by those with malicious intent.

Ransomware attacks don’t necessarily steal data – but may irretrievably encrypt it, and render it useless in the process. Having key data wiped out can have dire consequences for any firm, potentially even leading to the end of the business. It could also lead to substantial reputational damage, undermining client trust.

The effects of ransomware are often compounded by lax or irregular back-up and updating procedures; losing some work during a ransomware attack is near-inevitable, but many businesses are not taking the necessary steps to secure their data for rapid restoration. Sometimes, the most obvious ways to prevent and recover from cyber security breaches are also the most overlooked. It cannot be assumed that everyone on staff is an IT expert, or even familiar with basic IT precepts. Staff need to be effectively educated on the importance of basic security techniques, such as passwords, not opening dubious emails or downloading from questionable sites. Additionally, regular updates and/or training sessions should be held when new threats are identified – this will help keep staff up-to-date and prevent issues arising.

An important facet of this is also regularly downloading updates for your software; these updates help plug cyber security gaps and exploits in your software. Part of the reason WannaCry was able to spread so readily earlier this year was because people simply weren’t updating their computers, and the ransomware was able to exploit a gap found in older versions of common programs.

3. Bring your own device (BYOD) is an issue that needs to be controlled
Bring your own device (BYOD) policies are rapidly increasing in popularity across a number of industries. This certainly has its pros and cons; With BYOD businesses can keep hardware costs down, while enabling staff to work more efficiently as they utilise devices they’re already familiar with, rather than having to work with office-mandated pre-sets. However, BYOD also contains an element of risk for cyber security. With devices also being used for personal purposes, it’s possible that the office network could accidentally become infected by outside threats as a result of staff carelessness. Disgruntled staff could potentially exploit their access to company data for nefarious purposes. Additionally, the risk of losing valuable information can be increased, as people are not necessarily always connected to a central server while working.

With that said, BYOD is very effective for some workplaces, and there are numerous ways to manage the risk; some companies utilise specific apps or web-based programs. This helps maintain the positive attributes of BYOD while also allowing a relatively closed system. Importantly, data can still be centrally controlled. Access to information can be adjusted in real time, in the event staff are abruptly terminated, or decide to move on to a new role.

Importantly, if a cyber security breach does occur, it will be much easier to determine the source.

Click here for more PR Blogs.

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]