Episode 79: Understanding Ransomware Vanessa is joined by Brian Kirk, director of cybersecurity for Elliott Davis, LLC, a Southeast-based accounting and consulting firm. The subject is ransomware, specifically ransomware, as it impacts small businesses. Ransomware attacks on companies with 100 or fewer employees get little publicity, says Vanessa, and most small business owners underestimate the danger. Brian explains that fully half of the ransomware attacks are against small companies. Brian and Vanessa make the following additional points: • Small business owners should not assume their managed IT service providers will protect them from ransomware attacks or give assistance if attacks occur. • Small businesses are strongly advised to set up offsite data backups, implement audit logging, purchase cyber insurance, and devise an incident response plan. • Obscurity does not equal security. Cybercriminals are proficient at finding vulnerable companies, even ones with few employees and a low profile. Vanessa also points out that small businesses provide most jobs in America and make up the supply chain for the Fortune 500 companies. Brian shares the bizarre story of a doctor's office that was hacked and—after paying the ransom—was coached on how to recover its files by a help desk person working for the hacker. [LINKS MENTIONED] Disaster Recovery Journal: Register for DRJ's weekly (Wednesday) webinar series at https://drj.com/webinars/up-coming/ Register for DRJ Fall 2021: A Virtual Experience at https://drj.com/fall2021/virtual/ Asfalis Advisors: https://www.asfalisadvisors.com Apply to be a guest on the podcast: https://www.asfalisadvisors.com/decoded/ Download the 5 Step Crisis Strategy: https://www.asfalisadvisors.com/services/ Request Vanessa Mathews as a Speaker: https://bit.ly/VanessaMathews Connect with the podcast! • Email us at podcast@drj.com • Podcast Website: https://drj.com/decoded/ • Twitter: https://twitter.com/BRDecoded • LinkedIn: https://www.linkedin.com/showcase/business-resilience-decoded/ Brian Kirk, guest Brian Kirk is the director of cybersecurity at Elliott Davis, LLC. Based in Greenville, South Carolina, he has worked in the information security field for 11 years and in IT for a total of 29 years. He was formerly the head of information security for a Fortune 500 engineering and construction firm and is a graduate of Clemson University. • Elliott Davis, LLC: https://www.elliottdavis.com/professionals/brian-kirk/ • LinkedIn: https://www.linkedin.com/in/brianekirk Vanessa Mathews, host Vanessa Mathews is the founder and chief resilience officer of Asfalis Advisors, where they are focused on protecting the legacy of the leaders they serve through business resilience. Before becoming an entrepreneur, Mathews developed global crisis management and business continuity programs for government and private sector organizations to include Lowe's Companies, Gulfstream Aerospace, and the Department of Homeland Security. • LinkedIn: https://www.linkedin.com/in/vanessa-vaughn-mathews-mba-cbcp-70916b4b/ • Book Mathews as a speaker: https://www.asfalisadvisors.com/public-speaking/ • Asfalis Advisors: https://www.asfalisadvisors.com/ Jon Seals, producer Jon Seals is the editor in chief at Disaster Recovery Journal, the leading magazine/event in business continuity. Seals is an award-winning journalist with a background in publication design, business media, content management, sports journalism, social media, and podcasting. • LinkedIn: https://www.linkedin.com/in/jonseals/ • Disaster Recovery Journal: https://drj.com/