Cyber Resilience. Can companies like Vestas, which had a ransomware attack on November 19th, rebound from a cyberattack?

Watch Now!

Video: Cyber Resilience - Can Companies Like Vestas Rebound From An Attack? With Byron Martin

Byron Martin, CEO of Teknologize, joined Weather Guard Lightning Tech on their Uptime Wind Energy Podcast to talk about the Vestas ransomware attack and the concept of cyber resilience: How companies can rebound after a cyberattack.

Hacker Timeline

Byron Martin walks through the typical hacker timeline, what entry points they utilize to breach your network, the time they take to investigate the data and work their way up the chain until they have gained greater access, called lateral movement and privilege escalation.

Once they have gained the most access, they then exfiltrate the data. From there they execute ransomware. This timeline on average is 6 months from point of entry to ransomware detonation.

Cyber Resilience

That’s where Mr. Martin introduces the concept of cyber resilience. Every organization needs an Incident Response Plan in place and to expect to be breached. It’s not a matter of if, but when. And what has that organization done to mitigate the impact of that cyber event or cyber breach?

There need's to be multiple layers there. So, if one component is compromised, there’s a barrier. This means establishing continual controls and processes within organizations, not from just a technical standpoint, but from an operational and executive standpoint on managing business risk. And it needs to be evaluated on a regular basis. Which makes implementing tabletop drills and reviewing Incident Response Plans regularly so vital.

Two years ago, the conversation was organizations need to prevent an attack. Well, yes, you still have to do that. However, now we need to be asking a lot more questions on what to do when it happens.

Cyber Insurance

Lastly, every business should have cyber insurance. What’s interesting today is we’re seeing cyber insurance companies asking some deep and intensive questions that a lot of organizations are having to say no to. Companies are questioning if they have enough cybersecurity protection.

The conversation shifted deeper into the question "Are hackers targeting wind and energy strategically?"  Energy has such a substantial impact, not just financial, but serious impacts on our daily lives and our ability to live and operate.

Power and other utilities must get back online ASAP. That drives the price of ransomware higher and the urgency to just pay and be done with it. Additionally, there is a greater risk in that the IT systems get outdated quickly because of continued innovation.

Teknologize is a Managed Service Provider with clients throughout the Pacific Northwest with offices located in the Tri-Cities, Washington 509.396.6640, Yakima, Washington 509.396.6640, and Bend, Oregon 541.848.6072. Questions about cybersecurity?  Give us a call today!