Subscribe to the Business Resilience DECODED podcast – from DRJ and Asfalis Advisors – on your favorite podcast app. New episodes every other Thursday.

Episode 79: Understanding Ransomware

Vanessa is joined by Brian Kirk, director of cybersecurity for Elliott Davis, LLC, a Southeast-based accounting and consulting firm. The subject is ransomware, specifically ransomware, as it impacts small businesses. Ransomware attacks on companies with 100 or fewer employees get little publicity, says Vanessa, and most small business owners underestimate the danger. Brian explains that fully half of the ransomware attacks are against small companies. Brian and Vanessa make the following additional points:

  • Small business owners should not assume their managed IT service providers will protect them from ransomware attacks or give assistance if attacks occur.
  • Small businesses are strongly advised to set up offsite data backups, implement audit logging, purchase cyber insurance, and devise an incident response plan.
  • Obscurity does not equal security. Cybercriminals are proficient at finding vulnerable companies, even ones with few employees and a low profile.

Vanessa also points out that small businesses provide most jobs in America and make up the supply chain for the Fortune 500 companies. Brian shares the bizarre story of a doctor’s office that was hacked and—after paying the ransom—was coached on how to recover its files by a help desk person working for the hacker.


Disaster Recovery Journal:

Register for DRJ’s weekly (Wednesday) webinar series at

Register for DRJ Fall 2021: A Virtual Experience at

Asfalis Advisors:

Apply to be a guest on the podcast:

Download the 5 Step Crisis Strategy:

Request Vanessa Mathews as a Speaker:

Connect with the podcast!

Brian Kirk, guest

Brian Kirk is the director of cybersecurity at Elliott Davis, LLC.  Based in Greenville, South Carolina, he has worked in the information security field for 11 years and in IT for a total of 29 years. He was formerly the head of information security for a Fortune 500 engineering and construction firm and is a graduate of Clemson University.

Vanessa Mathews, host

Vanessa Mathews is the founder and chief resilience officer of Asfalis Advisors, where they are focused on protecting the legacy of the leaders they serve through business resilience.  Before becoming an entrepreneur, Mathews developed global crisis management and business continuity programs for government and private sector organizations to include Lowe’s Companies, Gulfstream Aerospace, and the Department of Homeland Security.

Jon Seals, producer

Jon Seals is the editor in chief at Disaster Recovery Journal, the leading magazine/event in business continuity. Seals is an award-winning journalist with a background in publication design, business media, content management, sports journalism, social media, and podcasting.

Critical Infrastructure Cybersecurity: Better Late than Never
Critical infrastructure is the heartbeat of America. It covers everything from shelter and agriculture, to public health and transportation. So...
Healthcare’s Remedy for Treating Cybercrime
According to a recent update from the International Monetary Fund (IMF), cyberattacks have more than doubled in volume since the...
Disaster Recovery Investments Grow Revenue, Not Just Cut Costs
Today’s organizations are navigating unique business challenges amidst the increased cost and frequency of data breaches. Security incidents are overwhelmingly...
The Business Case for Data Backup and Recovery
It’s natural to assume the responsibility for deploying enterprise data backup and recovery falls on the IT department’s shoulders. After...