The UK government has proposed extending its ban on ransomware payments to cover the entire public sector in an attempt to deter cybercriminal attacks and protect taxpayers.

Stoli Group USA, the US subsidiary of vodka maker Stoli, has filed for bankruptcy – and a ransomware attack is at least partly to blame.

The American branch of Stoli, which imports and distributes Stoli brands in the United States, as well as the Kentucky Owl bourbon brand it purchased in 2017, was hit by a ransomware attack in August 2024.

Although the sector as a whole has traditionally been comparatively wary of the ever-increasing pace of technology, legal services are increasingly data driven, with an abundance of AI-related discussion emerging within legal technology circles. The core Document Management Systems (DMS) and Practice Management Systems (PMS) remain the centre of focus for how and where to deploy a variety of rapidly maturing SaaS platforms, or dedicated, highly customised suites.

The international hotel chain Omni Hotels & Resorts has confirmed that a cyberattack last month saw it shut down its systems, with hackers stealing personal information about its customers.

In the aftermath of the attack, hotel guests reported that they had been forced to check in on paper, that room keys didn't work, and all phone systems and Wi-Fi were offline.

Any organisation that has tried to recover from a ransomware attack knows that it can be time-consuming and costly. Companies hit by an attack must choose between paying a ransom or recovering encrypted data from a backup.

Unfortunately, ransomware gangs are too aware that they can leverage significantly higher ransoms from their corporate victims if they have also compromise the company's backups. For this reason, we are seeing more and more cyber attacks targeting backups because they know that organisations desperately need them to recover if they want to avoid paying a ransom to cybercriminals.

To Test or Not to Test? - When it comes to IT disaster recovery and remediation processes, regular testing is not a 'nice to have' - it's absolutely essential!

This isn't hyperbole on my part. You just have to look at the news on any given day. We've all heard the horror stories of organisations in both the public and private sectors experiencing prolonged downtime during disasters due to inadequate preparation, lack of testing, and the unsuitability of their legacy remediation processes and systems.

On the 18^th March 2024, the Information Commissioner's Office issued its updated guidance around the issuing of fines when organisations have been found liable for the integrity of their customers' or end users' data being compromised. It is already well-established now that failure to ensure critical data remains secure will result in costly fines, as we have seen repeatedly in multiple high-profile cases over the years.

The Finance sector has always been one of the most dynamic, rapidly evolving industries, and this shows no signs of changing any time soon. But while shifts in the landscape may well open new opportunities, they will also come with new challenges, and it is the organisations who are ready and able to face these head-on who will continue to thrive in the years ahead.

The turbulence of the current geopolitical situation has affected numerous sectors, who must not only consider how to protect their infrastructure from anticipated cyber-attacks, but also ensure that they are able to maintain business-as-usual as possible against a backdrop of global disruption to supply chains. As a sector that depends on the ready availability of materials, the UK's AEC sector has been particularly affected.

In light of numerous dramatic shifts in the geopolitical landscape in recent months, this blog has reiterated the need for organisations across all sectors to strengthen and - if necessary - reconsider their cyber security postures, in order to prepare for the anticipated attacks by global bad actors. The legal sector is no exception, particularly as these attacks are anticipated to specifically target the most high-value data.

In a heightened cyber threat landscape - where ransomware attacks are increasing in frequency and sophistication - and having weathered the challenges of COVID-19 and the resulting move to hybrid working, the Finance sector is still continually challenged to demonstrate to its customers that critical services will remain available no matter what, and that sensitive financial data will remain fully secure at all times.

With research from the IDC estimating that 80% of the data created by 2025 will be unstructured [1], businesses need to ensure they have an affordable storage solution for such high volumes of data. A simple, cost-effective solution that businesses can utilise to this effect is Cloud Object Storage, which stores petabytes of data in the Cloud as 'objects'.

We see over and over again how COVID-19 is transforming the way we work and connect with each other. Employees across virtually every industry are now working effectively from home, even if such an arrangement would have been unthinkable at the start of this year. It's been extremely heartening to see the range of innovations that have been embraced in response to the crisis, but it's important not to forget the foundations of your IT infrastructure as you explore these solutions. For example, consider how you are backing up and storing the lifeblood of your organisation: your data.