Subscribe to the Business Resilience DECODED podcast – from DRJ and Asfalis Advisors – on your favorite podcast app. New episodes every other Thursday.

Episode 79: Understanding Ransomware

Vanessa is joined by Brian Kirk, director of cybersecurity for Elliott Davis, LLC, a Southeast-based accounting and consulting firm. The subject is ransomware, specifically ransomware, as it impacts small businesses. Ransomware attacks on companies with 100 or fewer employees get little publicity, says Vanessa, and most small business owners underestimate the danger. Brian explains that fully half of the ransomware attacks are against small companies. Brian and Vanessa make the following additional points:

  • Small business owners should not assume their managed IT service providers will protect them from ransomware attacks or give assistance if attacks occur.
  • Small businesses are strongly advised to set up offsite data backups, implement audit logging, purchase cyber insurance, and devise an incident response plan.
  • Obscurity does not equal security. Cybercriminals are proficient at finding vulnerable companies, even ones with few employees and a low profile.

Vanessa also points out that small businesses provide most jobs in America and make up the supply chain for the Fortune 500 companies. Brian shares the bizarre story of a doctor’s office that was hacked and—after paying the ransom—was coached on how to recover its files by a help desk person working for the hacker.


Disaster Recovery Journal:

Register for DRJ’s weekly (Wednesday) webinar series at

Register for DRJ Fall 2021: A Virtual Experience at

Asfalis Advisors:

Apply to be a guest on the podcast:

Download the 5 Step Crisis Strategy:

Request Vanessa Mathews as a Speaker:

Connect with the podcast!

Brian Kirk, guest

Brian Kirk is the director of cybersecurity at Elliott Davis, LLC.  Based in Greenville, South Carolina, he has worked in the information security field for 11 years and in IT for a total of 29 years. He was formerly the head of information security for a Fortune 500 engineering and construction firm and is a graduate of Clemson University.

Vanessa Mathews, host

Vanessa Mathews is the founder and chief resilience officer of Asfalis Advisors, where they are focused on protecting the legacy of the leaders they serve through business resilience.  Before becoming an entrepreneur, Mathews developed global crisis management and business continuity programs for government and private sector organizations to include Lowe’s Companies, Gulfstream Aerospace, and the Department of Homeland Security.

Jon Seals, producer

Jon Seals is the editor in chief at Disaster Recovery Journal, the leading magazine/event in business continuity. Seals is an award-winning journalist with a background in publication design, business media, content management, sports journalism, social media, and podcasting.

Is Your Business Compliant with Data Sovereignty Requirements?
Data sovereignty regulations can be challenging for companies. One of the main difficulties is keeping track of where data is...
What Really Happens During a Ransomware Attack?
By early 2020, ransomware attacks had increased by 41% over 2019 levels, and the average ransom payment had risen to...
Five Ways Businesses Can Mitigate Cyber Threats
Our current post-COVID world has brought about many changes to the way we live our personal lives and how we...
Use DR Data Protection Pillars to Build a Next-gen DR Strategy
Anyone responsible for disaster recovery (DR) inevitably cares about data protection. To achieve even the most basic DR objectives, organizations...