19th July 2017

By Danny Mills – Head of Enterprise Sales (North).

Your data is your business, it’s as simple as that. No organisation can function without digital records covering customers, suppliers and staff. Critical intellectual property will also almost always be held digitally. So, protecting data is vital. Historically, all firms needed to worry about was a server or hardware failure. That’s still an issue for some, but added to this is the increasing risk of cyber attacks.

The recent ‘WannaCrypt’ ransomware attack has brought this into sharp focus. It has affected hundreds of thousands of computers globally, including several NHS Trusts, Germany’s rail network Deutsche Bahn, Telefonica, US logistics giant FedEx and Russia’s interior ministry. The fact that the cyber criminals behind the attack were able to utilise tools first developed by the US National Security Agency gave the attack a new potency.

A ‘wake up’ call for all businesses

The attack has been described by many, including Microsoft President and Chief Legal Officer Brad Smith as a ‘wake up’ call and it is exactly that. It’s easy to point the finger of blame, but it’s different when you’re at the coalface running real IT systems. WannaCry was exceptional in terms of the level of sophistication. We have seen ransomware before of course, but what’s different here is the ‘military grade’ code behind it. It is possible that patched systems would have stopped or slowed the attack, but for enterprise organisations running hundreds or thousands of individual machines applying the updates is still a relatively time consuming process.

Last year, 40% of UK firms were attacked by ransomware. Whilst ransomware does not ‘steal’ information as such, it instead encrypts data so that users cannot access it unless (in theory) they pay the criminals and obtain a ‘key’. But this is playing a dangerous game since it’s not unknown for cyber criminals to simply vanish and pocket the cash. Most agree that paying the cyber criminals is not a sensible step – all it does is perpetuate the problem.

And, of course, organisations can still lose data through a variety of other means. Server and hardware failures are relatively common… as is an employee accidentally deleting files. Indeed, ‘accidental deletion’ happens in most organisations almost every day. In another example a disgruntled employee might wipe data, or take data to their next job. To add perspective, some 70% of the successful attacks on businesses came from internal threats like employees and contractors. Even small data losses – those with fewer than 100 files lost – are estimated to cost organisations between £14,595 to £28,793.

Have a plan in place and test, test, test!

Where this leaves us is to reinforce the importance of backups. Simply put, if data is properly protected then most of these issues are mitigated. Taking again the example of ransomware, an attack could still infect computers (and take businesses offline for a while) and be hugely disruptive, BUT the attackers are left without leverage because the data can be recovered and the firm remains in business. It is a sad fact that statistics show that 70% of businesses that experience a major data loss are out of business within one year.

The message then to organisations is to test your backups today. Most organisations do backup data to some extent, but many never test that they can recover their data. Consequently it’s not until disaster strikes that they realise their recovery plan simply doesn’t work. So, if a company hasn’t tested and validated its backup for three months, then it could be three months worth of data that the organisation loses.

Aligned to this point is the importance of determining the backup cycle. It should be as close to real time as possible. If the cycle is set to backup data at the end of the day, then that leaves a ‘data gap’ of 24 hours that may not be recoverable. That’s sufficient to significantly disrupt most companies. The emphasis therefore needs to be on recovery so that in the event of a serious issue, the firm is able to resume ‘business as usual’ as quickly as possible.

Recent events may indeed turn out to be a ‘game changer’, but they are already a useful ‘wake up’ call for us all. If it means that organisations properly assess their data backup (and business recovery plans) then undoubtedly some positives will emerge from the WannaCry attacks.

What are your next steps as a business? Having a reliable IT partner in place who will run validity checks, data recovery tests and propose solutions to mitigate the risk is key. That partner should ensure that your business is patched, protected and resilient in the face of the escalating attack environment.


Danny Mills is Head of Enterprise Sales (North) at GCI

Responsible for managing the Northern Enterprise Sales team, Danny is an accomplished, experienced leader with a proven ability to build and lead teams who create and deliver sustainable results. Additionally, with experience in technical pre sales, Danny and his team are able to add real value with a consultative approach to IT Managed Services for all of GCI’s enterprise customers.