Sara Pinheiro

Africa the shining star for Acronis in 2020

By 2020

2020-12-10 The Africa region massively exceeded Acronis’s projections for 2020, according to Sara Pinheiro, Acronis business development manager for Africa, who was in town recently and joined us for socially-distanced end-of-year Synapsys partner events. This is based on the growth of Acronis Cyber Protect Cloud, and Sara urges partners to look at a hybrid approach in 2021, with cloud service providers also selling on-premises Acronis solutions, and the reverse for on-prem partners.

The Acronis team dedicated to the African region has already grown this year, and will see further additions in 2021, along with the launch of a refreshed Acronis partner programme and additional focussed marketing and PR efforts. The company is also gearing up to announce its first local data centre in South Africa — more news on this is expected in 2021.

Local schools project, computer labs

Sara also shared with us that the Acronis Cyber Foundation, whose mission is to build schools where children don’t have access to schools, is going to build a further two schools in Africa. It has already completed schools, which focus on teaching STEM subjects to girls, in Senegal and Tanzania, with the next planned for Malawi and South Africa. A new addition to the schools project is building satellite computer labs to support learners with online access to education during the pandemic. (If you want to get involved with these important education initiatives, you can find out more at the end of this blog post.)

The Synapsys partner events took place in Johannesburg and Cape Town, with partners attending from surrounds and as far as Kenya. In between a coffee demonstration by Origin Coffee Roasting, three of our partners shared their stories about working with Synapsys and Acronis.

Partner testimonials

Mike Edmunds from Synapsys partner Bastion Backups shared a dramatic story about how his team was able to restore 6 TB of customer data after an attack by using Acronis Cyber Protect. The customer’s primary IT supplier had conceded defeat, but Bastion, by installing Acronis Cyber Protect after the attack, was able to detect the ransomware, isolate it, and clean up and restore the data.

Similarly, Gary Fouché from Synapsys partner Gravit8, first experienced Acronis in its early backup days when resolving a pre-existing issue for a client. Sixteen years later, he says Synapsys and Acronis still help him sleep at night, knowing that backups with Acronis have a 98% success rate, compared to the 30% to 40% success rate he was seeing with other suppliers. And the missing 2% is usually due to internet failures or load shedding, and Acronis’s easy to use monitoring system makes it quick and easy to identify any backup glitches and rerun them.

iStore Business’s Matthew Collison’s journey with Synapsys and Acronis is slightly different. He started out as a direct customer while looking after infrastructure for the Core Group in Southern Africa, where ultimately he had 25 TB of data residing in the Acronis cloud, hugely reduced his spend on virtual machines by shifting to Acronis’s license-free option, as well as finally finding a disaster recovery solution that could cope with their idiosyncratic database setup. From there, he took Acronis into the iStore Business’s managed services offering, where, he says, the product sells itself as there is a use for Acronis in almost every business.

Synapsys MD, Peter French, closed out the events with a quick Q&A session, and no doubt these conversations will continue in 2021, with hopefully more in-person engagements than we have been able to do this year.

How you can help:

  1. You can support the Acronis Cyber Foundation with office supplies, hardware and connectivity for the schools and computer labs.
  2. As part of Acronis’s ramp up of activities across all of Africa, it is looking for professional sports partnerships. If you have any recommendations or referrals, please let us know.

For both, email and we’ll pass your details on to Sara.

Written for publication on the Synapsys website on 10 December 2020

ransomware message on screen

Five cyber protection takeaways from Nick Keene

By 2020

Nick Keene Synapsys Presales Engineer

2020-11-26  A few weeks ago, Nick Keene, Synapsys Presales Engineer, joined the panel in a webinar organised by Rectron to discuss how companies can boost their cyber protection. As well as his recommendations for what to do if you get hit by a ransomware attack (which, if you haven’t read you should, we share the link below) he also shared the following insights.

1. The IT skills shortage is adding to the cyber protection challenge

IT teams are stretched with members often wearing many hats. This is true for companies of all sizes, but is particularly true for smaller companies, where the entire IT team might comprise only one person. Additionally, small and medium companies often don’t have a  CTO to make strategic decisions around the tools to use, and this can end up in organisations inappropriately using consumer-grade security tools in a business context. This leaves organisations vulnerable to cybercrime due to gaps in their protection and lack of visibility and control.

2. Identity is the new edge

The days of having everything wrapped up neatly behind a corporate firewall are over, thanks to the rise in mobility as well as the switch to remote and hybrid workforces during the pandemic. Your people’s identity is the new network edge and it is vital to maintain the integrity of your employees’ identities and manage how they access your corporate network whether it’s via laptops, workstations or mobile devices. Today, VPN access to corporate networks is essential.

3. Cyber protection is a human problem too

The Experian South Africa data breach reminds us that it’s not only digital identities that need protection and verification, and that cyber protection is a human problem too. Not all the threats to your data are digital, and it’s not only malware, ransomware or hacking that need to be safeguarded against. It’s your valuable data that criminals are after and they don’t really care how they get to, steal or manipulate this.

4. Companies need to move past “production is king” thinking

Although this thinking predates the COVID-19 pandemic, the shift to lockdown quite dramatically illustrates it. Understandably, for many companies the focus was on getting employees up and running from home, to keep the lights on and minimise business disruption. To be sure, there were those companies prepared with things like VPNs and access control already in place. But for many, cyber protection was at best cobbled together and a best effort. Now, a few months down the line, we need to shift from “production is king” thinking to a more considered, integrated approach to cyber protection (while still, of course, enabling our organisations). As we’ve seen from the rise in cybercrime this year, it is not good enough to treat cyber protection as a best effort afterthought.

5. Cyber protection needs to be integrated

Following on from the previous point, to protect your business today, or as an MSP to protect your clients, you need to take a holistic view of cyber protection. This should blend antivirus, backup, management of endpoints, fileshare control, access control, management and monitoring, and everything else that goes into protecting your people and data. Holistic protection with a single pane of glass to monitor and manage is the best approach to protecting valuable assets across all critical fronts.

Read Nick’s ransomware rapid response plan here.

To hear Nick and other expert speakers discuss securing your business from cyberthreats, you can watch the full webinar.

Written for publication on the Synapsys website on 26 November 2020

ransomware message on screen

Your ransomware rapid response plan

By 2020

Nick Keene Synapsys Presales Engineer

2020-11-19   Our friends at Rectron recently invited Nick Keene, Synapsys’s Presales Engineer, to participate in a webinar discussing how companies can secure themselves from cyberthreats. During the webinar, Nick shared his recommended rapid response routine in the event of a ransomware attack.

This is based on his experience assisting companies in the aftermath of attacks, and is designed to minimise impact and assist with speedy restoration of services. We thought it would be useful to share Nick’s rapid response plan here as well.

What to do when you are hit by a ransomware attack

This is for everyone in an organisation:

  1. Disconnect your device from the corporate network and the internet by unplugging LAN cables and switching off WiFi connections. Do this before you call IT, before you Google the warning message, before you email anyone, before you make a cup of tea, before you finish your phone call. This is the number one thing you can do to minimise the impact of the attack.
  2. Call your IT department or managed service provider (MSP) immediately. Don’t panic, they want to know right away!


Ideally, IT or your MSP steps in at this point. 

  1. Isolate your core infrastructure from the rest of the network and internet. Preferably don’t shut anything down though, as some attacks are designed to prevent rebooting. 
  2. Isolate and secure your backups. Consider taking them off-site.
  3. Assess the damage and which systems have been affected.
  4. Quarantine the infection, clean up what you can and restore your data. A clean restore from backups (that have not been infected) is usually better than decrypting the data held ransom.
  5. In parallel, investigate the attack to make sure nothing is left lurking on your network. You should also find out how the attack entered your system and close these, and similar, gaps in your security perimeter. Finally your insurance might require snapshots of the encrypted system for a forensic investigation.

To pay, or not to pay, the ransom:

  • If you have clean, up-to-date, comprehensive backups you can simply restore these. 
  • However be aware that the criminals could still sell/leak your data. Then again, they could do that even if you do pay the ransom.
  • If you choose to pay, be aware that you perpetuate ransomware attacks, fund criminals, and that there’s no guarantee you will get your data back intact, or even at all.

Of course prevention is better than cure, and it is important that you have policies in place to prevent ransomware attacks, and also to have a robust backup practice to allow you to quickly restore authentic, uninfected data in the event of an attack.

Nevertheless, with ransomware attacks on the rise, it is critical that everyone in an organisation knows what to do if an attack does happen as part of basic cyber protection hygiene. As with many emergency situations, the seconds and minutes immediately after an incident can impact the ease and speed of recovery.

To hear Nick and other expert speakers discuss securing your business from cyberthreats, you can watch the full webinar.

Written for publication on the Synapsys website on 19 November 2020

Stay safe from cybercriminals

What “stay safe” means today

By 2020

2020 11 11  By Shannon Kroger, Synapsys Inside Sales Professional

Think about when you tell someone to “stay safe”. You probably mean drive safely, lock your front door, and, in 2020, wear a mask. But this year’s Acronis Global Summit made me realise that the meaning of safety has been dramatically extended to cover both our physical and digital lives. So now, “stay safe” also means set a strong password, keep your antivirus software up-to-date and don’t click on strange links in emails.

Digital safety as important as physical safety

This is hardly surprising, given how much a part of our lives digital is. The recent years have made it clear that there is so much we can’t do without IT, even if sometimes we lose sight of how much technology has infiltrated our lives. We rely on technology for not only business, but all aspects of life: from keeping in touch with family members abroad (and locally, during lockdown) to doing personal finances and storing important documents. Smart gadgets are coming into our homes, transforming our lives. Smart fridges, smart microwaves, smart kettles to name a few. And even coffee machines are at risk of cyber threats!

My first Acronis summit

Just to drive home how much the world has changed, my first Acronis summit happened in my office, with me sitting behind my desk with a cup of coffee in hand, rather than in sunny Miami with the chance to meet people from all over the world. On the other hand, many more people attended this inaugural virtual summit than had attended previous in person events.

It was clear during the summit that Acronis certainly recognises that we need to change how we think about cybersecurity, and it has a plan in place to make this happen. Today, backup alone is not enough. Traditional data protection, or backup, needs to be combined with classic cybersecurity to create a whole new way of thinking and approach to staying safe online: cyber protection. Acronis’s technical solution to this changing online landscape is Acronis Cyber Protect, which integrates cyber security with the traditional backup capabilities.

New threats mean new education needed

Of course a new way of thinking about cyber protection needs a new way of teaching, and the summit highlighted the need to change the way we carry out cyber protection education. The changes in technology are ongoing, dynamic, and complex. Unfortunately education has not kept pace with these changes. As a response to this, the Schaffhausen Institute for Technology (SIT), where Acronis’ CEO and founder, Serguei “SB” Beloussov, serves on the board of directors, offers cyber protection courses for individuals and companies. These courses provide knowledge that is critical to stay safe in our current environment.

There is no doubt that everyone needs to up their cyber protection education levels. From learners and students who have had to switch to remote learning, to everyone in the workplace whether they are working remotely or not, to management who needs to understand the risks of security in the organisation, and to implement a procedure that one needs to follow in the event of a security breach. It is not enough to just provide training for applications without providing education about the consequences that come with using that technology. Education is key in protecting organisations and individuals from cybercriminals.

And 2021?

After the year we’ve had, I’m not making any predictions about where and how I’ll be participating in next year’s Acronis Global Summit. One thing is for sure that change is the only constant in digital technology. But there are plenty of things you can do, today, to identify new risks, protect yourself, alleviate anxiety about the pace of change and stay safe in the online world.

A good place to start is by watching the recordings of our top five sessions from the summit. These are available on-demand until 20 December 2020.

Written for publication on the Synapsys website on 11 November 2020

CyberSummit Newsdesk

Top five must-watch sessions from the Acronis Global Cyber Summit 2020

By 2020

2020 11 05  If you don’t have time to browse the full set of on-demand recordings from the recent Acronis Global Cyber Summit, you’ll benefit from dipping into the below:

IT Channel: Industry Outlook, Opportunities & Trends The opportunities for the channel over the next decade look very different from the successful models of the past. This engaging session unpacks these changes and shares guidance for getting out in front of the market in 2021 and beyond. (watch here)

Navigating the Geopolitics of Tech: What’s happening in Europe and the UK Learn from a key leader who helped write the European cybersecurity strategy. (watch here)

Protect your Edge Elite sports pro’s (including Faf de Klerk) share insights you can apply to your business. (watch here)

SIT Academy: Cutting-edge trends of continuous education Discover what it takes to become your company’s digital leader in a discussion between Candid Wuest, a cybersecurity expert, and Philipp Boksberger expert in training and education. (watch here)

Generating Leads and Sales: Learning How to Create Messaging and Campaigns that Drive Sales in Your Market Learn how to identify and use your currently underutilized marketing assets as well as Acronis marketing campaigns to grow your business. (watch here)

The on-demand recordings are available until 20 December 2020 – don’t miss out!

Written for publication on the Synapsys website on 5 November 2020

image of woman watching webinar

Acronis plans to train 1 million people by 2022

By 2020

2020 11 04

Acronis, a global leader in cyber protection, has launched the Acronis #CyberFit Academy which plans to train one million people by 2022.

The new training and certification programme is designed to deliver insights to channel partners in how to position, sell and deploy the cyber protection solutions that modern organisations seek. The new educational initiative was announced yesterday at the Acronis Global Cyber Summit 2020.

“Given the fast-changing and ever-evolving cyber landscape, companies must learn how to operate in the new digital reality or their business will cease to exist. Against that backdrop, the Acronis #CyberFit Academy is an active and scalable education engine designed to expand the company’s support of partners. With plans. The platform’s mission is to ensure partners become experts in cyber protection and can connect clients with the solutions that best meet their needs,” the company said.

As a special offer, timed to the launch of the Acronis #CyberFit Academy, all 2020 training sessions and certification courses will be offered to existing partners free of charge.

Read more…

Originally published by Acronis on IT-Online on 22 October 2020

CyberSummit Newsdesk

Synapsys’s top takeaways from the Acronis Global Cyber Summit 2020

By 2020

2020 10 28  Although we were disappointed not to be able to participate in another amazing in-person event in Miami this year, we were very excited by what emerged during this year’s virtual Cyber Summit.

We’ve put together the personal top takeaways from some of our team to share with you:

Nick Keene, Presales Engineer

  • Backup really is dead (but not quite): Acronis is not really pivoting away from backup, but Cyber Protection is definitely where it’s at – and backup forms only one small part of this. Cyber Protect is already a great product and Acronis is dedicated to making it better. Acronis is already an established and trusted backup & recovery vendor; most new enhancements in the pipeline are geared towards improving the security offerings – evidenced by their recent acquisitions (e.g. Devicelock). New developments in the backup space are mainly around supporting new workloads such as MySQL and MariaDB and support for native NAS agents (as well as new hypervisor support) coming down the line. Summing up, I would say that Cyber Protection (data protection + cybersecurity) is the focus going forward.
  • Cyber Platform is key: Acronis is pushing its developer platform and encouraging integration without being hung up on exclusivity. More on the Acronis Cyber Platform here.
  • Partners, partners, partners: Acronis really wants everyone to be a service provider – the push to allow service providers to sell traditional licenses is evidence of this. They’re working hard to educate their partners and service providers to “get with the program” on security – there was extensive information, e.g. here, on how to get going with a Cyber Protection service business.

Matt Stenvert, Sales Consultant

  • A statement by the Acronis founder and CEO Serguei “SB” Beloussov during the #CyberFit Press Room session really struck me. He said, “Our partners and resellers are IT doctors”, highlighting the fact that in both fields, a specialist level of education is required to treat severe/near-fatal incidents. Furthermore, both medical doctors and IT personnel need to remain up to date with the latest trends in their fields to respond to potential threats with greater efficiency.
  • During the session The Future of Cyber Protection, SB announced that Acronis will be enabling integrations from multiple other companies in the near future, which shows how serious Acronis is about bolstering their already substantial cyber protection offering with other well-respected technologies.

Rebecca Domingo, Marketing & Communications

  • Two very hands-on sessions in the Marketing track stood out for me. Existing Acronis partners will definitely benefit from the panel discussion on using Partner Portal assets and content libraries to beef up marketing campaigns to all parts of the funnel; and the workshop on identifying and using your currently underutilised marketing assets will benefit both the marketing beginner and the seasoned pro.

Shannon Kroger, Inside Sales Professional

  • I joined Synapsys in early March – a few weeks before South Africa went into hard lockdown. Unlike the rest of the Synapsys team, my first experience of an Acronis Global Summit was in my office, behind my desk, cup of coffee in hand, rather than in sunny Miami and meeting people from all over the world. That said, it was amazing to see almost 10,000 people from all around the world attend this virtual event, which highlights one good thing to come from the pandemic: it shattered financial, logistical, time, and other barriers – many more were able to participate and benefit from the knowledge shared!
  • Much of what really stood out for me in the Summit had to do with the fact that the pandemic has forced us to change the way we approach cyber protection – from basic education and awareness around potential risks, to procedures to follow in the event of an attack.
  • Change is the only constant in digital technology, the only guarantee. A valuable response to this – the cybersecurity courses offered by the Schaffhausen Institute for Technology (SIT), where Acronis CEO SB serves on the Board of Directors.

The on-demand recordings are available until 20 December 2020, so you still have time to dive in.

Written for publication on the Synapsys website on 28 October 2020

backup is part of an integrated approach

Backup is dead. Long live backup.

By 2020

2020 10 21 If you haven’t been paying attention, traditional backup is dead. But for Acronis, backup continues, even better, as a critical part of cyber protection: a new, integrated, automated, modern approach to protecting businesses and people from cyber threats. This was the clear message from Acronis’s CEO and founder, Serguei “SB” Beloussov, during his keynote that opened the 2020 Global Cyber Summit.

Long live backup

In fact, SB announced that Acronis will discontinue backup as a separate product. It is not enough to do backup only because today backup needs to be proactive, and integrated with disaster recovery, archiving, and the rest of your tools to cope with today’s very large number of workloads. For Acronis, backup is now a feature of cyber protection and will continue to improve as the company invests in making data and workloads safe and accessible. Indeed, Acronis supports 26 workloads now, and plans to launch an additional 100+ by 2022.


This integration of backup into the Cyber Protect service forms part of an overarching integration strategy from Acronis that is a response to the inefficient and ineffective legacy patchwork of solutions that companies have had to use to protect themselves. Big companies are using between 50 and 100+ different cybersecurity tools, according to Enterprise Strategy Group research. Smaller companies, and their MSPs, can easily be using more than a dozen security solutions, said SB.

Cyber protection needs to be about more than safety and security. It includes accessibility, privacy and authenticity which together form a comprehensive approach to cyber protection covering all attack vectors (read more about SAPAS here). It also goes beyond detection of and response to threats, but includes active prevention, recovery and subsequent forensic investigations.

In other words, an integrated approach is essential to protect against cyber threats. Integrated cyber protection addresses the complexity of digital workloads today, the cost to protect them, modern security requirements in the face of increasingly industrialised threats, today’s data privacy requirements and recognising that IT and cyber protection is a basic human need. Acronis calls this cyber singularity.

Good to know: Soon it is going to be possible for distributors and partners to have a unified view of both Classic and Cloud licenses.

Complete automation

In addition to the automated threat detection and recovery built into the integrated Cyber Protect service, Acronis looks at automation through the lens of supporting MSPs to scale their businesses. It calls this complete automation, which it has modelled on the scalability of the hosting industry:

  1. Delegation: multi-tier and multi-tenant solutions that can support all business models
  2. Mass management: to handle increasingly large customer workloads
  3. Automation: to allow services providers to do more with the same number of people
  4. Cost management: thanks to an integrated service with one agent, console, UI license and vendor
  5. Integration: customisation, integration and extension of cyber protection

Our takeaways from the keynote:

  1. The only way to protect your data, applications and systems is with integrated and automated cyber protection, and today, the only solution that does this is Acronis Cyber Protect.
  2. SB’s formula for end-users: cyber protection not data protection is the only way to make your IT work. Having this delivered by service providers is the best way to run your IT operation. Relying only on internal IT often won’t scale, especially if you are supporting a variety of workloads at the edge and on endpoints.

Watch the full keynote here, and look out for Acronis’s Vice President of Cyber Protect, Candid Wüest, stopping a WastedLocker attack during a Cyber Protect demo.

Written for publication on the Synapsys website on 21 October 2020

cyberthreats image hacker

Do we need to rethink cybersecurity?

By 2020


By Peter French, Synapsys Managing Director

Two takeaways from the 2020 Acronis Cyber Readiness Report have left me scratching my head. First, 32% of companies reported that they haven’t been targeted by cyber attacks in the past three months. Compare that with the 9% of companies reporting hourly attacks, and 22% reporting daily attacks. Now consider that encountering an attack doesn’t mean the attack succeeded and, indeed, you can only block an attack if you know it’s there.

Personally, I’d rather do business with the companies that know they’re being attacked and are doing something about it than the three in 10 that think they’ve never been targeted. Not only have they almost certainly been targeted, but because they are unaware of this, criminals are lurking on their systems with impunity, learning and biding their time for maximum damage and/or profit.

The second takeaway from the report that caught my eye was that, according to Acronis Cyber Protection Operations Centre (CPOC) experts, corporate security policies and tools are still based on compliance rather than actual business or market needs. Take phishing, for example. Despite the increased sophistication and accessibility of cyber attack tools (ransomware as a service is available for as little as $100, and at $10 million per ransom, that’s not a bad ROI), phishing is still one of the most common tactics used by cyber criminals either as an end in its own right, or as a gateway to a more sophisticated attack.

And yet, as the report points out, there is no industry response to phishing. Even something as simple as a “Report this e-mail as phishing” link at the bottom of an e-mail, or blocking links from unverified senders, is not yet common practice.

Are we getting better at cybersecurity?

While this paints a fairly gloomy picture of the state of cybersecurity around the world –and according to Acronis, South Africa reports twice as many malware attacks as the global average – I don’t think it’s a case of us not getting better at preventing attacks. Consider how fast attacks have transformed and become more sophisticated since the days when a single corporate firewall was enough to protect your organisation. Today, those rows of stationary, wired-in desktop computers and mainframes have been replaced with smartphones, laptops, tablets and cloud computing, augmented by artificial intelligence, the Internet of things and all the other innovation that is driving digital transformation. On the one hand, we’re doing okay cybersecurity-wise.

But then also consider the dramatic rise in ransomware and other attacks this year and the fact that people are still the weakest link. It’s clear that more of the same is not going to be enough and that we need to do things differently.

This imperative is only going to increase as #workfromhome becomes #workfromanywhere, with employees bringing devices back onto corporate networks, and also expecting to work remotely. According to the Acronis report, South Africans are very much in favour of this, with higher percentages of respondents preferring an 80:20 remote vs office split, or a fully remote future.

How do we need to change our cybersecurity thinking?

One way is through the technology shift being driven by Acronis that combines data backup with cybersecurity. Of course I would say that, leading one of Acronis’s distributors in Africa, but the innovation really is elegant and almost obvious. Acronis’s cyber protection services reflect that today, these functions go hand-in-glove. Not only does Acronis Cyber Protect allow organisations to restore their valuable data quickly and completely in the event of a breach, but ensures the restored data is malware-free to avoid reinfecting the system.

Our partners have already seen this in action when other cybersecurity services have failed to stop an attack and restore the data. And with ransoms reported as being as much as $10 million, if you’re looking for a way to show ROI on your security spend, this is how.

A single pane of glass

The second aspect of Acronis Cyber Protect that moves the needle is the single, integrated pane of glass that allows security administrators to see at a glance the state of the devices and networks on their watch. This saves time and effort, but also the whole is worth more than the sum of the parts. A single system is able to make valuable connections between various metrics and trends to produce insights that disparate systems would need a lot of MacGyvering to even come close to.

This freed up time could, I’d suggest, be used by infosec teams to proactively enable their organisations, freeing them from the historical role of reactive enforcers.

Being human

Another paradigm we need to shift (and this is something I currently don’t have an answer for) is tackling the human element and education around cyber security. Despite the best efforts of training programs, humans are still the weakest link at work, at home, at their favourite coffee shop and the hot desking environment they choose to work from.

Humans are obviously humans, and are prone to mistakes especially when stressed, tired, under pressure or doing repetitive tasks. And while it’s obviously not up to infosec to fix the state of the workplace, this does point to a wider responsibility for cybersecurity in the organisation. Consider physical security: it’s up to everybody from the C-suite down to safeguard the office and each other and, say, not let unauthorised people onto the premises. Why should cybersecurity be any different?

I do think, just like the “report phishing” link at the bottom of an e-mail, there are human-centred interventions that we need instead of, or as well as, the traditional top down cybersecurity education. Interventions that don’t impede people’s workflow and efficiency, but build prevention, protection and awareness into everyday activities. So that, ultimately, cybersecurity truly does become as ingrained as something like road safety.

A last word

For cutting-edge insights, I highly recommend registering for next week’s Acronis Global Cyber Summit (virtual) – you’ll have access to hands-on interactive workshops, informative breakouts, inspiring keynotes, and the opportunity to meet some of the most successful MSP experts and cyber protection practitioners in the world.

This article was first published on ITWeb on 14 October 2020

virtual conferencing

When downtime’s not an option, you need to be proactive about security

By 2020

2020 10 07  It’s easy to get caught up in the impact of cybercrime on corporate and personal data. It’s data that ransomware hijacks, and it’s data that gets leaked. This focus is not surprising, given the exponential growth in data around the world, as well as its importance in our digital, knowledge economy.  “Data is the new oil” after all.

OT vs IT

That said, the second panel discussion during Acronis’s recent virtual conference was a stark reminder of the impact of cybercrime on operational technology (OT). OT deals with the machines that build our world, as opposed to information technology (IT), which deals with data. The panel was titled Manufacturing and Industry 4.0: Evolving from Reactive to Proactive defenses against Downtime and was moderated by Williams Racing CIO, Graeme Hackland. (We share the link to the recording at the end of this article.)

Typical cybersecurity paradigm not always appropriate for OT realities

Research from Aberdeen indicates an average hourly downtime cost for manufacturing across all industries as a whopping $260,000 per hour. And panellist, Mohammed Nabeel, senior solution architect, cybersecurity at Yokogawa Middle East & Africa, pointed out that, unlike in the IT world, planned downtime might need two to four years in preparation because it is such a disruptive event. Furthermore, as manufacturing is increasingly digitalised, with more machines needing network access and cloud capabilities, protecting OT from cybercrime is becoming increasingly complex.

Nabeel also graphically illustrated how the typical cybersecurity paradigm might be totally inappropriate for the manufacturing floor, where the first line of defence is often an evacuation. In one instance, during an ammonia leak, an employee who was trying to switch off the valve mistyped their password multiple times – understandable, given the physical conditions. But then the automated fallback security process was a retina scan – also very difficult, if not impossible, given the environment. And the employee wasn’t any closer to shutting off the valve and containing the leak.

OT security needs an integrated approach

As with IT security, there is no silver bullet solution for OT security, and an integrated approach powered by AI and automation is essential. However these solutions need to recognise the specific requirements of the OT space. For instance, availability is the number one priority in OT. Not to mention the restrictions and limitations of the physical environment, as in the example above, make implementing capabilities such as automation challenging.

Top tips from industry experts

The panellists also each offered their tips for evolving from reactive to proactive security:

Use AI as your watchdog to find incidents in the flood of data.” — Sascha Maier, head of IT and cyber resilience at IWC Schaffhausen.

“Manufacturing is traditionally well-prepared for the expected. Systemic learning from reaction will be necessary to prepare for the unknown.”  — David Fuhr, head of research at HiSolutions AG.

“Modern business continuity can only be achieved by integrated cyber protection solutions, not separate backup, cybersecurity and system management.” — Nick Grebennikoff, chief development officer at Acronis.

No single measure is sufficient to defend against cyberattacks due to progressive adoption of IoT, which demands more integrated networks. Lack of visibility is undermining the effectiveness of established defences.” — Mohammed Nabeel, senior solution architect, cybersecurity at Yokogawa Middle East & Africa.

This is just a snapshot of some of the insights shared during the virtual conference. You can watch the full recording here.

And hopefully this whets your appetite for the upcoming Acronis Global Cyber Summitread more and register here, now!

Written for publication on the Synapsys website on 7 October 2020