In a constant news cycle of cybersecurity events, this month’s news featured a new round of BlackByte ransomware attacks. BlackByte is a type of ransomware that targets and attacks Windows drivers. Though these drivers are legitimate, the ransomware allows criminals to bypass your security solutions. Further, just this week, sources noted BlackByte’s is using a new tool to house your stolen data in the cloud. This advances BlackByte’s capabilities beyond the original round of BlackByte ransomware attacks, which used phishing emails to get into victims’ systems.
Unfortunately, it’s not the first time the BlackByte ransomware group made headlines. The group has been using a ransomware-as-a-service model to attack victims since summer 2021. While you’re probably not surprised by the constant stream of cybersecurity threats, the BlackByte news could seem especially jarring to small and medium business owners. Especially those who assume their underlying third-party components—in this case, Windows drivers—cannot be used as attack vectors.
So, as a business leader, what should you take away from this recent BlackByte news? The bottom line is that these cyberattacks will continue to happen with increasing frequency. And as the Windows driver scenario suggests, you shouldn’t be spending valuable hours trying to predict the next threat or how to protect your business. Instead, you should choose an outside vendor that has a cloud security solution as one of its core business lines—a vendor that can act as a full, accountable partner in cyberattack prevention, protecting your applications, devices and data.
To find this security partner for your business, consider these five must-have capabilities:
1. Takes cybersecurity awareness seriously
Unless you have a full-time security expert on staff, you likely can’t keep up with the fast-moving trends across the security market. The threat landscape is constantly evolving, and with many of us using a variety of business applications every day, staying on top of recent cyberattacks is itself a full-time job. You should choose a cloud security vendor that has an in-house cybersecurity team that is constantly and proactively studying the state of cybersecurity—a vendor that is able to selectively update you on the threats that impact your business and your employees. These customer updates should be targeted, frequent and include proactive steps the vendor is taking to keep your business safe in response to the changes across the threat landscape
2. Considers people, processes and technology related to updates
As technology has evolved, your business should no longer have to suffer extended downtime in the name of remaining secure. Make sure you talk to cloud security vendors you are considering about their approach to updates by asking them these questions:
- How much automation is in place?
- When do you run them?
- How frequent are they?
- Will there be any system downtime?
Updates should take place without disruption to your business, and, in the best-case scenario, without much or any action from you as the customer.
3. Has a documented disaster recovery strategy
You may have heard security thought leaders mention that it’s not a matter of if but when, referencing the fact that everyone is a potential victim of cybercrime. As a business leader, your client and business data integrity is at the core of the value you offer your clients. If this data is compromised, your operations, as well as your reputation, will suffer. Given this, you shouldn’t be relying on built-in cloud backup from individual third-party vendors as your only source of business continuity. Instead, you should have a complete disaster recovery strategy that includes backing up your cloud-based and on-premises devices and data.
4. Supports virtual, hybrid and in-person work teams
COVID exposed the gaps in security plans for many businesses by creating a world in which teams work remotely. Two years later, your team may not only work remotely, but may occasionally meet off-site or have a hybrid office presence. Your cloud security vendor should be able to help you develop a security strategy that fits a mobile workforce, both in terms of underlying technology solutions as well as training and security best practices for your employees. Cybersecurity education is critical in cyberattack prevention. Keep in mind that today’s talent market often requires some geographic flexibility to hire and keep great employees. Your security policies should reflect this new reality.
5. Provides a holistic and easily managed cloud security solution
Rely on your vendor to suggest what you need based on industry best practices, rather than taking a pick-and-choose approach to deciding what security services you need from a long list of options. Your vendor should have a single solution that easily packages everything you need into one option. Further, your security approach should likely follow the cloud trend of subscription-based, monthly billing. This allows you to easily budget for and maintain your relationship with your vendor long term.
There is a common theme between these “must-haves” when looking for a security solution. The most important thing you can do is ensure that the vendor can go beyond offering you standalone software solutions for threat detection and mitigation. You should look for a complete program that offers protection for your data, but also your people. Ongoing threat research, data security, a solid disaster recovery plan and consistent cybersecurity education for employees checks all the boxes.
A good cybersecurity partner will help offload some of the worry and responsibility around ongoing security. This allows you to focus on running your business. This way, when you see news like the BlackByte ransomware attack, you can feel confident. You know data security is top of mind for your vendor, and your business will continue to run smoothly.
When was the last time you did a security check in-house? Take our quiz to see how healthy your approach is to security and your staff’s devices.