By Adrian M. Reodique
Nov. 18, 2016
Eddie Schwartz, CISA, CISM, CISSP-ISSEP, PMP, board director of ISACA, chair of ISACA's Cybersecurity Working Group.
With the increasing number of ransomware incidents, businesses in the Asia Pacific (APAC) region must not only invest in technologies to prevent such attacks, but also educate their employees to increase their cybersecurity awareness.
"The key thing is that no matter how good your defences are, you are always subject to the human factor," Eddie Schwartz, Board Director of ISACA and Chair of ISACA's Cybersecurity Working Group, said in an interview with CIO Asia.
"Most organisations spend an awful lot of money hoping they can prevent attacks from a technological perspective. What we've all learned is that targeted attacks start from the human end users. By educating the people in your organisation to be more aware and more careful with the e-mails and programmes they open, the risk of ransomware attacks will be significantly lowered," he continued.
In fact, a survey by Trend Micro revealed that "employees' lack of knowledge" is the biggest insider threat to a company's cybersecurity posture.
Schwartz also considers ransomware one of the fastest-growing cybercrimes this year. Ransomware is a type of malware that blocks users from accessing their documents until a ransom is paid.
In line with this, Schwartz noted that the evolution of ransomware can be attributed to ongoing vulnerabilities both in social engineering and in common desktop systems and platforms. "The motive and intent of cyber criminals have also changed, which means that attacks are more targeted to individual organisations that criminals are pursuing. Ransomware continues to also be successful due to poor recovery strategies by many organisations," he added.
Ransomware incidents can cause businesses to lose sensitive or proprietary information, face disruption to their operations, incur financial losses to restore systems and files, and suffer irreparable damage to their reputation, said Schwartz.
As such, he advised organisations to build comprehensive ransomware defences into their cybersecurity programme planning, processes and technology in order to protect their business against ransomware.
Schwartz also underscored the need for more skillful cybersecurity professionals. "There is definitely a need for technical security experts and cyber security employees to undergo ongoing training [to familiarise themselves with new] techniques to identify, respond, and recover from complex cyber-attacks. These skills need to be battle tested in real-world scenarios."
When asked whether organisations should pay the ransom in exchange for decryption tools, he said: "While there is no perfect defence for ransomware, recovery can be achieved without payment of the ransom."
Other security threats in Asia Pacific
Aside from ransomware, Schwartz said the region also faces an increasing number of nation-state attacks that aim to test the resiliency of its military and economy. "Attackers and cybercriminals are most focused on stealing information, money or both."