Statement by Jayson O’Reilly – Managing Director

The recent ransomware attack orchestrated by the hacker group Clop, targeting Progress Software’s application Move IT, serves as a stark reminder of the increasing cyber threats faced by organizations. This incident highlights the urgent need for heightened cybersecurity measures and proactive risk mitigation strategies.

To effectively mitigate the risk of such attacks, individuals and organizations should consider the following measures:

1. Robust Security Measures: Implementing strong security measures, such as multi-factor authentication, regular software updates, network segmentation, and robust firewall configurations, even the use of advanced user behaviour technologies can significantly reduce the risk of successful ransomware attacks.

2. Employee Training and Awareness: Educating employees about the dangers of phishing emails, suspicious links, and social engineering techniques is crucial. Regular training sessions and awareness programs can help individuals recognize and avoid potential threats.

3. Data Backups and Disaster Recovery: Maintaining regular backups of critical data and implementing an effective disaster recovery plan is essential. This ensures that even if ransomware strikes, organizations can restore their systems and operations with minimal downtime and loss.

4. Vendor Risk Management: Organizations should establish strong policies and procedures for managing the use of third-party services and vendors. Thoroughly vetting utilised application vendors for their security practices and ensuring their adherence to stringent cybersecurity standards can mitigate the risk of vulnerabilities in externally provided software. Solutions such as CASB’s and advance insider risk threat solutions can also go a long way in ensuring organisations have better control of internal applications and the use or transacting of internal and consumer data.

5. Incident Response Planning: Developing a comprehensive incident response plan is vital for organizations to handle cyber-attacks effectively. This plan should outline the steps to be taken in case of an incident, including communication protocols, containment strategies, and recovery processes.

6. Control breach simulation, will proactively inform organisations of their readiness capabilities to effectively deal and defend themselves against zero day attacks, ensuring organisations are well prepared.

7. Attack surface management, can also be implemented to help the organisation fully understand whether or not their brand is being targeted by relevant hacker groups, and then most importantly ensuring the current controls invested in have the capabilities to protect and prevent the organisation becoming another target.

Furthermore, organizations should prioritize periodic security assessments and penetration testing to identify and address potential vulnerabilities in their systems. Additionally, investing in additional advanced threat detection and monitoring solutions can help detect and mitigate emerging threats in real-time.

The recent ransomware attack utilizing Progress Software’s application Move IT by the hacker group Clop underscores the critical need for organizations to enhance their cybersecurity practices. By implementing robust security measures, educating employees, maintaining backups, managing vendor risks, and establishing effective incident response plans, organizations can significantly mitigate the risks associated with such attacks and safeguard their valuable data and operations.