Stories of cyber-attacks hit the news almost daily – data breaches, DDos attacks, email hacks and phishing attacks – reminders of the dangers of the internet. Yet somehow all of these attacks still seem foreign- as though it would never happen to us.
The reality is, South African businesses are affected by these threats. IQ Retail MD, Chris Steyn knows this all too well and has seen first-hand the dramatic rise of new age threats such as ransomware.
Software company IQ Retail, provides expertise in complete financial and business administration solutions, focusing on the development of business systems for the accounting and retail management environment. Since its inception in 1986, IQ Retail has grown to become one of the premium providers of innovative business solutions.
“Few businesses realise the seriousness of these threats and the damage they can have on a business”, says Steyn. ” The problem we have found is twofold; firstly, businesses do not have adequate security software protecting their network, and secondly, they do not have effective backups in place”, continues Steyn.
He recognises that these advanced threats stem from a situation in which hackers no longer need to be tech savvy, with access to ready-made Malware toolkits available on the dark web. New malware variants are created daily and many security vendors are unable to keep up. As a result, businesses are being attacked more often and Cybercrime has become more profitable and easier to implement than ever before.
Speaking from his experience working with many South African businesses Steyn says, “We have noticed two week spikes in attacks that most often occur on the weekend when there are few people in the office. This puts businesses in a tough position that often leads to payment of the ransom or worse, a loss of company data”
Taking note of the shifting dynamic, IQ Retail developed a multi-layered approach, implementing security solutions at every level of their infrastructure, as well as ensuring backups are in place and procedures are being followed. Despite their efforts, Ransomware was still able to penetrate their network.
In order to prevent further breaches, Steyn and his team did extensive research into solutions offered by various vendors. They discovered that conventional AV solutions are unable to prevent zero-day Ransomware and other advanced threats from entering the network.
Steyn turned to Panda to implement a final effort to mitigate the threat of Ransomware. “Through our research, we realised that Panda’s Adaptive Defense 360 software is the only solution that could give us comprehensive protection. AD360 allows us to proactively manage the security on our network and track possible risk situations” says Steyn.
Steyn explains that the current environment requires new generation protection solutions such as Adaptive Defense 360 that provide an Endpoint Detection and Response (EDR) service to accurately classify all running programs on your network. This means that only legitimate programs are able to run.
Panda’s EDR technology model is based on three phases: Continuous monitoring of applications on a company’s computers and servers. Automatic analysis and correlation using machine learning on Panda’s Big Data platform in the cloud. Finally, Endpoint hardening and enforcement – blocking all suspicious or dangerous processes, with notifications to alert network administrators.
AD 360 combines EDR with full conventional Endpoint Protection (EPP) to deliver comprehensive protection.