Cyber security consultancy PureCyber is urging organisations to invest in invaluable measures to protect against cybercrime, before it is too late.
The recent cyber-attack on major NHS IT provider Advanced, in Birmingham, is just the latest ransomware incident to highlight how hackers take control of IT systems, steal data and demand a payment from victims to recover.
The NHS insists that disruption is minimal, but Advanced, which provides digital services like patient check-in and NHS 111, would not confirm whether NHS data had been stolen and continues to restore services, which may take three to four weeks to fully recover.
Damon Rands, CEO and Founder of PureCyber, which is based in Cardiff’s Central Square and protects a portfolio of global clients, said: “This recent NHS ransomware attack unfortunately demonstrates that no matter how serious your organisation takes cyber security, you can always be a victim of cybercrime if one of your key critical outsourced services is managed by another organisation.
“Identifying and implementing the correct steps and levels of cyber protection for your organisation is vital, but just as vital is ensuring that your supply chain has the appropriate layers of cyber security in place so that they’re not the weakest link offering a potential attack vector to cyber criminals.”
Planning and structure are critical within any cyber strategy, according to Damon Rands, in order to minimise disruption time. PureCyber’s professionals offer a suite of bespoke packages to help create a nation of cyber savvy SMEs, confident in their cyber security capabilities and resilience.
He says: “One of the most important points to raise in this situation is that although, of course, prevention of attack is better than cure; having solid governance, policies and scenario planning for cyber incidents is paramount to reduce the negative impact and downtime of an attack.
“Critically, you never want to be in a position of being surprised by a cyber security event, such as a hack, ransomware or the loss of a critical application. The best way to do that is to prepare for the worse that could happen. If you did lose access to a major piece of software, critical application or to data that is essential to your business continuity, what contingency plans do you have to maintain a certain level of service? It’s absolutely key and so important when it comes to cyber security and management of risk.”