The holiday season looks a lot different this year for many people, but one thing that hasn’t changed is the need to ensure your ransomware protection strategy is ready to work overtime.
Cybercriminals don’t take holidays off, which means they are poised and ready to attack while the rest of us are distracted by festivities and fun. Cybersecurity Ventures predicts that in 2021, global ransomware damages will reach $20 billion, and ransomware attacks will hit businesses every 11 seconds.
Ransomware: The Gift That Keeps on Giving
Steelcase, the world’s largest maker of office furniture, was recently hit with a massive ransomware attack. While the company claims no data was stolen from their system, just the knowledge that the company was the victim of a successful ransomware attack can be enough to send customer confidence plummeting.
Increased frequency of attacks and costs of recovery aren’t the only things to worry about—ransomware operators are also executing new tactics. New strains of ransomware are capable of doing more than just encrypting your data. Some expose sensitive company and customer data to the public, or publish it on the dark web, regardless of whether or not your company pays the ransom. That’s a guaranteed fast-track to losing customers.
Give Your Organization the Gift of Ransomware Protection
Ransomware has become an accepted risk of doing business. But when companies recognize the severity of the risk and take appropriate steps to mitigate it, ransomware attacks don’t have to be devastating.
Here are some of the top ways to protect your data and applications from ransomware. If most of these best practices are part of your ransomware protection strategy, consider yourself on the nice list. If you aren’t doing these things, now is a great time to implement them before you end up with something worse than a lump of coal in your network.
- Cybersecurity training: Educate employees on safe surfing practices and how to avoid clicking malicious links and email attachments.
- Ransomware crisis plan: Knowing in advance how your organization will respond to a ransomware attack can mean the difference between inconvenience and devastation.
- Well-documented, plain-language technical response: Your technical response is crucial to stopping the spread of ransomware within the system and minimizing downtime and data loss. Write the technical response plan in a way even non-technical staff can understand so the response can be initiated quickly.
- Clear, consistent communications response: Your communications response ensures you control the messaging. Prepare verbiage for each specific audience (e.g., employees, customers, and vendors) and for each communication outlet, such as your website, social media, and email.
- Ransomware response team: This team is your first line of defense against data loss. Select your team members carefully from all levels of the company to maximize the response team’s skill set and ensure all business-critical applications and databases are accounted for.
- First response action plan: As soon as ransomware is detected, disconnect from the network, isolate infected computers, inform the appropriate admins, and change passwords.
- Current cybersecurity and ransomware protection tools: Older solutions lack the features and capabilities required to effectively prevent and detect modern ransomware threats. If you haven’t updated your solution lately, it’s probably time to explore some new software options.
- Ransomware protection with both cybersecurity and data loss prevention: Investing in a solution that offers both cybersecurity and data protection is one of the best ways to protect your systems from ransomware and minimize damage if an attack succeeds. Combining both layers of protection into one solution reduces vulnerabilities and maximizes visibility and ease of management.
- Secure remote access: An unprecedented number of employees currently work remotely. With RDP and VPN ranking high on the list of common attack vectors, it’s more critical than ever to implement security technology to protect your company’s ever-expanding security perimeter.
- Scheduled patches and updates: Many small and mid-size companies struggle to find the IT resources needed to stay current on patching. Unfortunately, missed patches and updates leave your network wide open for attack. It’s crucial for updates and patches to be part of IT’s routine maintenance schedule.
- 3-2-1 backup strategy: Backing up your data is the only way to bounce back quickly from a ransomware attack. We recommend following the 3-2-1 backup method of making three copies of your data on two different media, with one copy stored off-site (preferably in the cloud). It is imperative that the off-site copy is inaccessible from the company network because some newer strains of ransomware specifically target backup files.
- Immutable backups: Because the data can’t be changed, immutable backups provide great protection against data loss during a ransomware attack. They are also useful for meeting compliance regulations and historical data retention.
- Frequently tested backups: Backing up data but not testing the restoration process is a recipe for disaster. At a minimum, conduct a partial disaster recovery test at least every six months and a full disaster recovery test annually.
So how do your organization’s ransomware protection practices stack up against this list?
Whether you made the naughty list or the nice list, there is always room for improvement. Download Your Guide to a Ransomware-Free Future for more tips on how to create a long-term ransomware protection strategy.