Defending firms from ransomware attacks

People, process and technology are the best defence an upcoming Bank of Ireland cybersecurity webinar will hear.

The attack last year on the HSE was costly from the perspective of the chaos it caused across Ireland’s health service in the midst of the Covid pandemic, but instructional in terms of how easily it happened and how it can impact any organisation.

Daily and weekly, businesses across the world are being targeted by cybercrime gangs and Irish organisations and small businesses are no different.

“Cybersecurity is everyone’s responsibility and cannot be seen as the responsibility of IT or the organisational leader”

On 20 January Bank of Ireland Sectors will host a webinar about the impact of cyber-crime on Irish businesses. Cyber-attacks are an evolving threat and can impact any organisation in any sector.

The panel will consist of Bank of Ireland head of Technology, Media and Telecoms Paul Swift, Detective Inspector Brian Halligan from the Garda National Cyber Crime Bureau, chair of the Cyber Skills Ireland initiative Carmel Somers and Paul O’Brien, Group Security at Bank of Ireland.

The panel will discuss how cyber-attacks take place, what to look out for and some recent case studies. The aim of this event is to highlight the potential threats and provide advice on implementing a ‘cyber-aware’ mind-set within organisations. We will outline how businesses can access relevant training to enhance their protection and what to do in the event of a cyber incident.

People, process, technology

Speaking to ThinkBusiness ahead of a forthcoming Bank of Ireland Sectors webinar on cybersecurity for Irish businesses, Detective Inspector Halligan said the scale of attacks like those on the HSE are on the rise and have become a lucrative business for cybercrime gangs.

“Every business and every individual is a potential target for cyber-attack,” Halligan said.

In 2021, about 37% of organisations globally reported that they were hit by a ransomware attack, according to IDC’s 2021 Ransomware Study. That number, according to most experts, will continue growing in 2022.

“For businesses by far the biggest issue has been ransomware in the last 12 months. Ransomware attacks have gone off the charts and we expect that to increase in 2022,” Halligan said.

Halligan recommended vigilance among business owners but said the heart of any kind of defence boils down to “people, process and technology. “

“Fundamentally, ensure your people are trained up so they won’t easily fall prey to phishing attacks and ensure that you have the systems and processes to protect and if necessary, recover your data.”

Bank of Ireland’s head of Technology Sector Paul Swift said the upcoming webinar on 20 January will aim to equip businesses with the knowledge they need to hopefully guard against and even prevent their organisations falling victim to cybercrime incidents.

“This really is one of the biggest business issues of the day and it is crucial that organisations have a data security plan and systems in place as well as training their people not to be the weakest link,” Swift urged.

“It is no longer just about protecting your business, but also your entire supply chain and the financial and reputational impacts that go with that.”

Carmel Somers agreed with Halligan’s observation about people, process and technology and said that in 2022 cybersecurity awareness and vigilance must transcend every organisation. “Cybersecurity is everyone’s responsibility and cannot be seen as the responsibility of IT or the organisational leader. Cybersecurity learning and awareness is an ongoing process.

“Organisations need to broaden their approach to hiring cybersecurity professionals, there are a range of cybersecurity talent pools in the marketplace.”

Paul O’Brien, Group Security at Bank of Ireland, said that cybersecurity isn’t just a technology issue, it is a people issue. “Every business needs to think about their cyber risks and more importantly, what they can do about them. 

“The kinds of cybercrimes that affect businesses are often made to sound very complex but there are a few simple steps that you can take to prevent them.  For example, make sure that everyone in your business knows that they should never ever change bank account details for a supplier or make a payment just based on an email – always check first with a quick conversation or phone call.”

The Bank of Ireland webinar on cybersecurity for Irish businesses will take place on 20 January at 10am. To learn more and register CLICK HERE

John Kennedy
Award-winning editor John Kennedy is one of Ireland's most experienced business and technology journalists.