By Mick Bradley, VP EMEA, Arcserve
We have seen the massive financial ramifications of ransomware attacks, with January’s well-publicised attack on Travelex thought to have caused £25 million in lost earnings, in addition to the £2.3 million that was paid to hackers. However, the impact that these incidents have on customer loyalty and trust has not been given the same attention, despite how critically important it is to a business’ long-term success.
Our recent survey found there is no compassion shown towards businesses that suffer ransomware attacks and take too long to recover, and that these memories continue to have significant and long-lasting effects on consumer perception. Almost 6 in 10 consumers said they would likely avoid purchasing from a business that had suffered a cyberattack within the past year, and just under half would avoid businesses that suffered one within the last three years, an extremely long time in the world of IT. Financial institutions may well end up paying dearly for mistakes made in the past, even though their ransomware prevention practices may have improved significantly in that timespan.
In the finance industry, trust is especially key. Nearly half of consumers would walk away from a bank or securities provider after a single ransomware-related disruption. In fact, consumers of financial services are more likely to make the switch to a competitor in the wake of a ransomware attack than those in healthcare, insurance, utilities or retail. Where consumers choose to put their money is a sensitive, emotional topic and this is clear in how UK consumers vote with their wallets in response to ransomware incidents. This clearly shows that cyberattacks have much more severe revenue implications than simply the short-term costs, so it’s critical that financial institutions make use of IT best practices to defend themselves if they are to have any hope of keeping the trust of UK consumers.
How financial institutions can prepare for ransomware attacks
Employee training will always be a vital component of ransomware prevention, particularly considering the ongoing prevalence of phishing attempts and sophisticated email fraud. But banks also need the right underlying IT infrastructure to support this. Good disaster recovery planning starts with having a firm idea of your organisation’s recovery point objectives (RPOs), or how much data a business can afford to lose, and recovery time objectives (RTOs), how quickly that data can be recovered. However, this is often no longer enough. As a result of increasingly sophisticated methods being used by cybercriminals, backups themselves are now prime targets for ransomware attacks, and should be treated as an essential part of critical infrastructure. Organisations would be wise to integrate threat detection protocols that can effectively detect and neutralise incoming ransomware threats targeting backups. Otherwise, they risk losing their final line of defence and sacrifice their chances of maintaining business continuity.
A hybrid cloud-based approach to disaster recovery, where a mixture of private, public and on-premises storage is utilised, can also be extremely useful for banks. Having multiple recovery locations adds an additional layer of safety to IT infrastructures. Because workloads and applications are stored both on-premises and in the cloud, data remains secure and readily accessible if an on-premises server malfunctions or a public cloud backup provider becomes compromised. This means consumers can enjoy the 24/7 levels of service to which they have become accustomed.
Investing in the proper foundation for ransomware protection also brings opportunities. It represents a way for financial institutions to differentiate their products and services from the competition, and can be an excellent return on investment. Over half of those we surveyed said they would pay more for products and services they thought could reliably secure their information.
How the speed of recovery affects consumer perception
Ransomware attacks happen, and with the threat of human error and the constantly evolving litany of cyber threats, they can be hard to avoid completely – even with the implementation of rigorous cybersecurity practices and employee training. However, the way in which banks maintain their business continuity and bounce back from cyberattacks is a decisive factor in consumer perception. Our study found that half of consumers would be willing to switch their financial services provider within just 24 hours of being forced to wait to access their information or make a transaction.
Maximising your organisation’s ability to recover quickly is key. In today’s on-demand economy, consumers have become accustomed to a high standard of service as a result of their experiences in other industries. This means they will settle for nothing less than constant, instantaneous access to their money – particularly with the rise of the new challenger banks. Banks should therefore explore solutions which enable true ‘continuous availability,’ where there are no interruptions to customer experience because data and systems are being replicated in real time. Banks should ensure that they are exploring options that provide true automatic fail-over, as opposed to “manual fail-over” where switchover isn’t triggered automatically, leading to increased delays, expenses, and upset customers.
With new strains of ransomware emerging on almost a weekly basis, entirely preventing their effects is a formidable challenge – however, it’s a challenge that’s uniquely consequential for the UK banking industry. Though consumers in other sectors may be marginally more lenient, even one ransomware attack, if not handled properly, has the potential to impact revenue for years to come. Banks should instead take an aggressive, informed approach to maintaining business continuity in the face of ransomware, because the consequences are dramatically more far-reaching than the weekly news cycle.