Ransomware: Does Your Company Have a Defense Strategy?

News last month that hackers have stolen confidential plans for upcoming Apple products, from an external supplier, provides a timely reminder of the growing threat of ransomware attacks – and how they can hit at any point of a corporate supply chain. In an increasingly globalized and digitized market, cybersecurity considerations must be extended beyond a business’s four walls, as BIG Language Solutions’ Luis de la Vega explains.

Ransomware poses a threat to all businesses that hold and communicate their data online. Like most forms of cyberattacks, this threat is always evolving. This can make it difficult for organizations, including major tech giants, to effectively police and control access to sensitive data and confidential documents. According to cybersecurity specialist PurpleSec, ransomware attacks are estimated to cost USD 6 trillion annually by 2021 with the average cost per business per year more than USD 75 billion. Its research also reveals that a new organization will fall victim to ransomware every 11 seconds by 2021, making ransomware defense strategies a core priority for IT and security departments.

Cybercriminals have a knack for finding the weakest link in the data communication or data storage chain. As with the recent Apple incident, where the company’s products were targeted via its manufacturer Quanta Computer in Taiwan, this weak spot can often be found in the systems and security protocols used by trusted external partners and suppliers.

Any business that uses vendors or contractors needs to consider cybersecurity across the complete lifecycle of data and documents, therefore. This should include everything from the systems used to share data and documents to the devices on which they access, process, and store the work. Yet, many companies do not know how their data or documents are being processed, let alone whether – or even how – their internal security protocols are being followed outside their business’s own four walls.

What is ransomware?

 

Ransomware describes a type of malicious software (malware) that hijacks a company or individual’s data and threatens to block access to it unless a ransom is paid. It is often the result of a virus that an employee or private individual is tricked into downloading (e.g., via email attachment) that encrypts their computer files, locking them until payment is received for the decryption key. 

While the amount of ransom demanded can vary, the attacks can be crippling for companies and individuals. In 2020, high-profile ransomware attacks hit everyone from private individuals to global banks, e-commerce giants, government organizations, and hospitals, and vast sums are at stake. According to ransomware incident response firm Coveware, the average payment for a ransomware attack was USD 178,000 by mid-2020.

Coveware’s research also found that small- and medium-sized professional firms are one of the biggest targets for ransomware attacks, with more than 70% of ransomware incidents in the US reported by companies with fewer than 1,000 employees in Q3 of 2020. Such companies are particularly at risk as they tend not to have large IT teams, may not have disaster recovery protocols in place for important data, or even believe that they are at risk in the first place.

Understanding the links in the security chain

 

Part of this is due to time pressure, of course. As businesses have expanded globally, we have seen increased commoditization of once internal business processes, where tasks have been split up, packaged or bundled up, and then outsourced to suppliers. Today, business process outsourcing includes everything from lower-cost manufacturers in Asia to Language Service Providers (LSPs).

While cost and speed may once have been the biggest drivers for outsourcing, quality and security have now also risen in importance – and rightly so. In the context of cybersecurity, any supplier that touches sensitive and confidential data may now pose businesses a threat. In our industry, for example, that could include a linguist inadvertently exposing sensitive documents by choosing to work from an internet cafe, losing their laptop, or emailing confidential files using a personal account.

It should go without saying, that businesses need to work with vendors that have robust security protocols in place to control data communication and collaboration. One way to achieve this is to extend the cybersecurity standards and protocols that are followed internally to their external vendors. This should include measures relating to firewalls, data and document retention, disaster recovery, and password control, for example. From a ransomware and malware perspective, antivirus software and data back-ups are also critical, including threats specific to common attack vectors.

Alternatively, companies should look to work with vendors that have built security protocols into the very core of their business. Only then will they be able to provide a fully secure system for managing sensitive and confidential data that guarantees the security and retention of all documents, end to end, during the outsourcing process.

Share this post

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on email
Email

Don’t Stop Here

More To Explore

  • All
  • Case Studies
  • Consumer Goods & Retail
  • Education & eLearning
  • Entertainment
  • Events & Hospitality
  • Financial Services
  • Government & Defense
  • Healthcare
  • Insights
  • Insurance
  • Interpretation
  • Legal
  • Manufacturing
  • Market Research
  • Marketing & PR
  • Miscellaneous
  • Multimedia
  • News
  • Security
  • Translation
  • Travel
All
  • All
  • Case Studies
  • Consumer Goods & Retail
  • Education & eLearning
  • Entertainment
  • Events & Hospitality
  • Financial Services
  • Government & Defense
  • Healthcare
  • Insights
  • Insurance
  • Interpretation
  • Legal
  • Manufacturing
  • Market Research
  • Marketing & PR
  • Miscellaneous
  • Multimedia
  • News
  • Security
  • Translation
  • Travel
translation memories

How to Expand Your International Footprint Through Localization

To succeed, a company must be physically, linguistically, and culturally accessible in every market in which it operates. Localization, or tailoring a business, service, or …

Read More →
Localization Challenge

Emerging Markets and the Challenge of Localization

There is huge potential to open up new revenue streams in emerging markets around the world. But to do that, you need to offer your …

Read More →

How to Surround Every Point Your Assets Touch with Security

In today’s globalized and increasingly digitized world, protecting confidential and sensitive corporate and customer data is paramount, not only for a business’s success but also …

Read More →

eBook: Spotlight on Security

Why today’s cybersecurity policies must cover external suppliers if companies are to protect their confidential data from theft or attack. Download our complimentary eBook on cybersecurity best practices for timely guidance on safeguarding corporate data while working with an external Language Service Provider.

Read More →

Why You Should Probably Change Your Password

The stronger a password, the better protected both computers and networks will be from hackers and malicious software, and yet many of us default to …

Read More →

Case Study: How Speed and Accuracy Delivered 25% Lower translation Costs for Corporate Visions

The Company Corporate Visions enables ‘conversations that win’ via science-backed training and consulting solutions delivered in both instructor-led and asynchronous formats. This includes products, such …

Read More →

got a question? send us a message.

send us your info, and we'll get in touch asap! 

no thanks, take me back to your site

ready to learn about transforming your business?

no thanks, take me back to your site

SIgn up to learn how we slashed costs for a major credit card company