Be prepared: a cyberattack on your business is inevitable

15 May 2017

The NHS and countless other targets around the world are in the midst of a massive series of cyberattacks. From what we know about the attacks so far, it is clear that had some relatively straightforward precautionary actions been taken, many of the affected targets would not have been vulnerable to this particular attack. 

There are a number of straightforward, yet effective, steps you can take to reduce your risk of becoming a target.

  1. Make sure the operating system your business uses is up to date with the most recent patches installed. If your operating system, such as Windows, is too old to be supported by updates, then upgrade your operating system as a matter of urgency. It has been reported that many of the NHS Trusts targeted are still operating from the now aged Windows XP.
  2. Ensure your anti-virus software is kept up to date with the most recent upgrades available. 
  3. Keep your IT systems clear of any old and unused software.
  4. Ensure that you have an organised and consistent approach to IT security, particularly in larger organisations, so that you can avoid having unnecessary vulnerability in your IT security.
  5. Ensure you have a robust system of backing up your data. Back ups should be isolated from your main IT set up so that it has standalone integrity and will not be vulnerable to the type of ransomware used in the NHS attacks. This particular type of ransomware, a worm, searches out different areas of attack once installed on to a system. Therefore if your back up system is not isolated, it can be attacked by the same ransomware and will therefore be useless to you.
  6. Test your back ups on a regular basis as part of a wider business continuity plan. Rehearse scenarios where you are likely to need to call upon your back up data. These rehearsals should take into account any reliance you have on external providers who may themselves be targeted by cyberattack. What would you do if you were without that particular provider?
  7. Watch out for malicious insiders. If employees have the ability to cause severe damage and disruption to your IT system, consider using internal monitoring software.
  8. Watch out for careless insiders. Careless employees are often the main source of cyber attack. Train staff not to open suspicious attachments and to avoid giving away information which could be used by criminals to launch attacks. 
  9. Keep front of mind that your business is a continuous target to cyber criminals and that an attack at some point is inevitable.
  10. Get cyber insurance to cover potential losses from a cyber attack and to fund the cost of repairing and mitigating any damage.       

Further reading

The meaning of vacant possession – useful guidance from the Court of Appeal

Blog, Legal Updates
Cheraine Williams considers the facts of a recent case but urges tenants not to rely solely on the outcome
Read more Read

Employer's question: the right to appeal a redundancy dismissal

It is common practice to offer the right to appeal against a redundancy dismissal. If you are considering not doing so, tread carefully.
Read more Read

Can I disinherit my children?

"American Pie" hit maker, Don McLean, is said to have disinherited his daughter after her claims of emotional abuse. Is it really that easy?
Read more Read

DMH Stallard Corporate team wins major industry award

Blog, News & PR
Private Equity / Venture Capital Deal of the Year 2021 awarded to deal led by Abigail Owen
Read more Read
  • Brighton Office

    1 Jubilee Street


    East Sussex

    BN1 1GE

  • Gatwick Office

    Griffin House

    135 High Street


    West Sussex

    RH10 1DQ

  • Guildford Office

    Wonersh House

    The Guildway

    Old Portsmouth Road



    GU3 1LR

  • Horsham Office

    Ridgeland House

    15 Carfax


    West Sussex

    RH12 1DY

  • London Office

    6 New Street Square

    New Fetter Lane


    EC4A 3BF

  • Get in touch