What is at stake for the Waste & Recycling Industry and how to protect yourself with world class solutions?
2021 is seeing a marked upturn in the volume, sophistication, and impact of cyber-attacks on companies across the waste and recycling industry. Coupled to this, is the impact of the Covid-19 pandemic, resulting in millions more employees working from home, requiring remote access to corporate networks. As a result, the use of virtual private networks (VPNs) and the remote desktop protocol (RDP) has exploded during the pandemic. Cybercriminals have taken advantage of this, exploiting poor password security and VPN vulnerabilities to access corporate networks, steal data, and plant ransomware.
While cyber-attacks in our industry may not make national headlines, they are a real and growing threat as evidenced by the 150% growth in ransomware attacks in the past twelve months(1)
The majority of these attacks involve e-mail phishing to steal user credentials and ransomware.
No companies are immune from this threat as these attacks are increasingly sophisticated and automated at scale and designed to attack companies of all sizes.
However smaller companies are particularly vulnerable, especially those with on-premises business applications and who may not be able to afford the necessary strong defences and formal business continuity and recovery procedures. Technology has allowed individual entrepreneurs to start their own businesses more quickly but the other side of that coin, is that they may not be aware of all of the potential security risks associated with this rapid scaling, integrating and managing different technologies at the same time.
For these companies, the likelihood of attack is not only higher but the chances of making an early and full recovery to normal business as usual after an attack, are much more challenging.
Depending on the nature and severity of the cyber-attack, there are a range of possible negative consequences and associated costs.
According to research by IBM, the average cost of a data breach in 2021 was $4.25 million. However, this is just the tip of the iceberg, in terms of potential adverse risks.
Cyber Security Infographic
Severe and Lengthy Business Disruption
These types of costs, severity and duration of the business disruption after a cyber-attack should not be underestimated. Many companies have little in the way of formal business resilience or continuity strategies and discover that their data backup and recovery procedures are inadequate and unable to support a rapid recovery to business as usual.
In extreme cases, the disruption may last weeks or even months as they organisations to re-build their business systems and data and in the meantime try to operate business as usual without automation and key customer data so that critical business functions such as routing, customer care, invoicing and cashflow suffer. This is not sustainable for any growing business.
Reputational damage
A serious data breach with loss of customer data and/ or an extended time to full operational recovery will lead to serious reputational loss among not just your customers but also your suppliers, investors and other stakeholders like local government and regulators. This can lead into a direct financial loss as your brand is damaged and customers take their business elsewhere. Imagine for a moment the likely fall out from a scenario, where you have to advise your customers that their payment card details have been compromised. In some cases, the attackers even use the victims network to launch attacks against some of their larger customers.
Theft of Customer Data
Increasingly cyber-attacks have a ransomware component where the perpetrator requests a payment for the return of your customer data or a secure key to recover the IT systems that are impacted. This theft is often compounded where there is a threat that the key customer data will be offered for sale on the Dark Web to unscrupulous competitors.
Companies are strongly advised not to entertain these extortion demands.
Financial Losses
The average cost of a data breach cost in 2021 was $4.25 million (2).
A range of losses are possible in the following areas:
- Increased costs due to adverse operational impact (e.g., loss of automation of key business services, loss of critical customer data, driver overtime, return to paper-based operations etc.)
- Costs of restoration of the IT operations including investment in more secure IT infrastructure
- Cost of lost business due to damage to business reputation and brand
- Other costs (e.g. increases in insurance premium, costs of finance, regulatory fines etc.)
- Fines: in some geographies, there is also the prospect of fines from a Data Regulator where it is established that the waste company failed to comply with data protection legislation, and this could threaten a small business with insolvency.
What can you do to boost your cyber-resilience?
The AMCS Platform is designed to maximize cyber-resilience, which is the ability to prepare for, respond to and recover from cyber-attacks. This same cyber-resilience is also essential to respond to other threats such as manmade and natural disasters such as floods, fire and climate change.
We deliver our SaaS based solutions on the Microsoft Azure to leverage the security benefits of this platform and the unrivalled cyber security expertise of Microsoft.
While operating in the cloud cannot fully protect you 100% from threats, it does reduce your risk as you can avail of the partnership of AMCS with Microsoft, who is the largest end to end cyber security provider. This means that you are sharing much of the burden for protecting your business systems and data with a global cyber specialist and you are assured of proven business continuity plan to rapidly recover your operations in the event of a serious attack.
Microsoft is the largest global security vendor with 4,000 security experts and $1 Billion spent annually on security. Microsoft Azure is home to 400,000 customers including 90% of the Fortune 100.
The Microsoft Azure infrastructure allows the replication of your data across multiple data centres and thus access to your data and services can be restored rapidly following a crisis thus minimizing the impact on your business.
Such high levels of cyber resilience which were once the preserve of only the largest waste companies are now available to all companies that use the AMCS Platform on Microsoft Azure.
References
1. Microsoft Digital Defence Report September 2020
2. IBM Data Breach Report 2021 (https://www.ibm.com/security/data-breach)
Let AMCS show you how to optimize your operations to increase profits, improve efficiency and grow your business
This webinar gives an introductory overview of AMCS Platform, the end-to-end cloud solution allowing for full visibility into your operations.