In light of the recent ransomware attacks on the Florida-based IT Management Software firm, Kaseya, the Cyber Resilience Centre for Wales is advising businesses to strengthen their online security protocols to combat ransomware attacks in Wales.
Business News Wales spoke to Paul Peters, a Detective Superintendent and the Managing Director of the Cyber Resilience Centre for Wales, about what the recent attack on Kaseya has exposed about cyber security practices and why Welsh SMEs need to further improve their supply chain encryptions on corporate networks to avoid similar trends occurring across Europe and North America.
“Ensuring your staff have an awareness of this risk is really important, and knowing what to look for is key to protecting your business. As well as that you need to ensure that your data is backed up, but also ensure that your backups are disconnected from your network. What this means is if you are hit by ransomware, you still have a safe copy of your important data.”
“If you rely on others, so outsourcing to a service provider, have you asked the question of how often do they backup? Where they backup? Or how quickly they can recover a backup for you? And also, don’t just rely on passwords – consider using multi-factor authentication, such as an authenticator app which provides [you] with a code – meaning that a third party can’t access [your] account without a phone or tablet with the app on.”
“When you think of your supply chain, I think you need to understand the risks posed by your suppliers – that’s the first step to take. Try and get an understanding of what their security looks like, consider setting minimum security requirements, such as cyber essentials or other security certificates.”
The Cyber Resilience Centre for Wales also published a supplementary blog explaining some of the recommended actions SMEs can take to improve cyber security within supply chains, which you can read here.