Even before the COVID-19 crisis hit, experts were tracking increases in the frequency and financial impact of ransomware attacks on businesses. Cybersecurity Ventures predicts that by 2021, a business will be hit with a ransomware attack every 11 seconds—which is up from every 14 seconds in 2019—and that globally, ransomware damages will reach $20 billion by 2021. That’s 57 times more expensive than the damage in 2015.
Malicious technology is becoming more sophisticated (hello, cyber-crime-as-a-service), and as a result, cybercriminals are able to find more vulnerabilities and penetrate security perimeters they were previously unable to breach.
Once inside the network, today’s ransomware is able to inflict greater damage to the organization as attackers not only hold your data hostage but also threaten to publicly expose it. A data breach is a legal, logistical, and PR nightmare that many companies are willing to avoid at all costs.
Why Every Organization Needs Ransomware Protection
The financial impact of ransomware is skyrocketing, and there is no reason to believe it will level off any time soon. Businesses recognize that the cyberattack threat is here to stay, and they are taking steps to mitigate risk by investing heavily in cybersecurity—to the tune of an estimated $1 trillion spent on cybersecurity products and services between 2017 and 2021.
This investment in cybersecurity, including a ransomware protection strategy, will help reduce the negative impacts of a ransomware attack on your company that go beyond a dollar amount.
Customer confidence and satisfaction are two of the driving factors in customer retention and growth, which has a direct and significant impact on company revenue.
A recent Arcserve study on how ransomware attacks affect consumer behavior shows that you can’t underestimate the impact of good cybersecurity on your bottom line. For example, 59 percent of respondents said they would avoid doing business with a company that had been affected by a cyberattack in the past year.
And they aren’t going to forgive and forget. Almost half of respondents say they won’t do business with you if you’ve been attacked within the past three years.
According to the study, downtime is another deal breaker for many users, with 60 percent saying it would only take two or fewer service disruptions for them to switch companies and 28 percent ready to jump ship after just one disruption.
5 Ransomware Protection Strategies
With the stakes so high, it is crucial to get a plan in place to protect your organization from a ransomware attack. Here are five proven strategies for building up your defenses.
1. Implement identity and access management best practices.
Ransomware attackers love it when you leave the door unlocked, so make sure you only let the right users in. Brute force ransomware attacks are becoming more common, so be sure to require multi-factor authentication and advanced password standards for all user accounts.
You should also monitor third-party remote access to your network to ensure they are following good cybersecurity practices. You can be held liable for a breach that results from your vendors’ or contractors’ poor cybersecurity hygiene.
2. Configure systems to proactively address threats.
Proactively addressing ransomware is always better than dealing with it after the fact. Unified threat management (UTM) tools will detect and prevent access to known malicious IP addresses so they can’t infect your system.
Centralizing patch management and scheduling regular patch reviews to ensure all systems and devices are up to date is one of the most crucial ways to proactively prevent breaches. For example, patching could have prevented the Equifax breach in 2017, but instead 148 million people had their personal data exposed.
Malicious users can only harm what they can reach. Preemptively separating servers, networks, and data storage (especially those backups!) will limit what they can damage in the event attackers do gain unauthorized access.
3. Integrate data security and data protection technology.
Set your security strategy up for success by integrating as many protection points as possible. For example, use vulnerability scanning, SSL encryption, and other technical controls to confirm that backups are being performed.
Those backups are only useful if you can use them, so implement the 3-2-1 rule: Create three copies of your data, store them on two different media, and make sure one copy is stored off-site or in the cloud.
Be sure to integrate disaster recovery and application availability tools and use artificial intelligence for added endpoint protection.
4. Educate employees on ransomware protection protocol.
Many ransomware attacks succeed because of poor user choices. Educating employees is key to prevention.
Conduct regular security and risk mitigation training and education sessions so everyone in your organization understands the threat of ransomware and knows their role in minimizing risk for the organization.
Create and circulate security and ransomware prevention policies and procedures for all users, and be sure every employee knows what to do if they encounter suspicious activity (or they click something they shouldn’t have).
5. Create a comprehensive business continuity and disaster recovery plan.
Despite our best efforts, sometimes bad things happen. What is important is that you are ready to respond when they do.
Prepare contingency and remediation plans for business recovery and continuity that take into account multiple outage scenarios, such as cyberattack, fire, or natural disaster. Test the plans regularly to ensure all systems, applications, and hardware are protected under the plan—and that the plan actually works.
Be sure your plan employs both on-site and off-site disaster recovery, backup (see the 3-2-1 rule above), and high-availability solutions to mitigate risk.
These ransomware protection best practices will help you defend your organization against cyberattacks and ransomware. But don’t stop here. Take this Ransomware Readiness Assessment to gauge your cybersecurity maturity level and create a best-fit strategy to improve your cyberthreat preparedness.