kaptn - Fotolia

Ransomware threat driving users to seek channel help

The increase in ransomware is leading many customers to consider working with the channel to protect themselves

The recent high-profile WannaCry and Petya ransomware attacks have put the issue of data protection under the spotlight. They have also given those selling security something to talk to customers about.

Although the security market has moved away from the old days of selling on the basis of fear, uncertainty and doubt (FUD), the stories about parts of the NHS grinding to a halt will have given any customer looking after data a few sleepless nights.

These attacks have led to more business for the channel as customers react to the growing threat.

“We have never seen so many RFP’s [requests for proposals] or been invited to review the IT health of so many customers or prospects,” said Ross Baker, sales director at Trend Micro.

“The high-level concept of the channel is breadth. We [suppliers] can’t reach all the customers and will never have the depth of relationship those partners do. Most importantly, the ‘opportunity’ these outbreaks presents is to partners that can add value technically.

“What we have also seen after these outbreaks is the channel becoming wary of best-of-breed technology. Products that only serve one, often niche, purpose and don’t communicate with the other solutions in play,” he added.

The advice for the channel is to talk to customers in a way that is designed to help rather than frighten them about how to prevent further attacks.

“For channel companies, the first impulse should be to ask, ‘How can I help?’. Using trial periods for solutions can provide additional insight into what issues might exist that the organisation has not fixed, or help them prioritise what issues they have so they don’t fall victim to attacks,” said Darron Gibbard, managing director of Northern Europe at Qualys.

“The main element here should be how this can get customers on a better footing and prepared for the future. Having an accurate list of all assets and security vulnerabilities, prioritised specifically for them, can provide a great starting point for conversations about how to improve further security planning and stop attacks,” he said.

Picking up the security baton

Like a lot of things to do with security, the ransomware issue is not new, having been around for a few years, but it still seems to have caught companies by surprise, with many enterprises lacking appropriate defences.

“The scale and number of organisations that were affected [by the Petya and WannaCry ransomware] and the length of downtime suffered highlight just how woefully underprepared most are to defend against the threat,” said Andrew Stuart, managing director of Europe, the Middle East and Africa at Datto.

“If larger companies are struggling, smaller firms – which often lack the resources and expertise–  are even more vulnerable. They often invest in preventative cyber security features – such as antivirus software and firewalls – but are left unsure about what to do when a strain of ransomware inevitably infiltrates the network and takes hold.

“Some pay the ransom, believing it to be the lesser of two evils when compared with costly downtime, while others simply consider the data gone,” he said.

Gone in 60 seconds

Earlier this year, Timico and Datto undertook research into ransomware and found that more than half of those organisations that had been hit by the problem watched in horror as their data systems went from fully functioning to useless in minutes.

Almost half (41%) of those quizzed reported their systems being locked down in less than 60 seconds. The consequence of the ransomware attacks was serious business disruption, with many suffering thousands of pounds of financial damage.

“These research findings clearly show that the speed of a ransomware attack is almost instant, while the effects on the organisation can be far-reaching,” said Nabeil Samara, chief digital officer at Timico.

“It’s not just a case of the data loss and financial cost to the business. A ransomware attack can have a debilitating effect, with long-term consequences across the business, with the company even breaching terms of any regulatory bodies that the business holds itself accountable to,” he added.

Stuart suggested that these customer challenges present an opportunity for managed service providers (MSPs) to step in and pick up the security baton from users.

“Some businesses cannot afford sustained investment into cyber security and data protection, and do not have the skillset to use what they do buy to its full potential,” he said.

“By outsourcing to MSPs, firms gain ongoing access to a team of experts, who can provide assurances around the availability and quality of cyber security tools, as well as education about the latest threats and how they can be mitigated,” he added.

The other reality for the channel is that, as memories of the most recent attacks fade, there is a feeling of inevitability that another one will strike soon, and the debate with those customers yet to take steps to protect themselves will get another shot in the arm.

Read more on Data Protection Services