In previous articles, we have looked at what types of ransomware attacks occur and the devastating financial impact it can have on organizations. But what can businesses do to prevent ransomware attacks and limit their impact?
- Train employees on cybersecurity
- Backup data and have a recovery plan in place
- Conduct regular patching and updates on software used within the company
- Have the appropriate insurance in place
- Invest in password security and multi-factor authentication
- Secure your emails with S/MIME
- Implement or review your Bring Your Own Device (BYOD) Policy
- Have an Incident Response Plan and team in place
- Complete regular security audits
1. Train Your Employees on Cybersecurity
Organizations mut be vigilant in training employees about cybersecurity, the associated threats and how to guard against them. According to Verizon, 82% of data breaches involved human element and providing education on the types of threat actors your business is up against will help to decrease the likelihood of an attack, such as phishing or ransomware occurring.
2. Backup Your Data and Have a Recovery Plan In Place
Backing up your data on a regular basis will give the best chance to helping business recover from a ransomware infection, as well as minimizing the damage caused. Don’t forget to also protect the backup to protect it from cyberthreats.
3. Conduct Regular Patching and Updates on Software Used Within The Company
More often than not, ransomware attackers find entry points to systems through software by exploiting their vulnerabilities. Developers generally will actively search for these vulnerabilities and release patches for them. 60% of companies don’t patch their systems on a regular basis, but it’s by doing this, businesses can strengthen and safeguard against any potential weaknesses.
4. Have the Appropriate Insurance In Place
As threat actors target businesses of all sizes, from large enterprise’s to SME’s, it’s important to make sure your company is insured against ransomware. This is not your traditional business policy but a dedicated ‘cyber liability’ policy.
The Direct Line Group reported earlier this year that only a quarter (26%) of small business professionals see cybersecurity as a top priority for their organisation and one in six (17%) don’t see it as a priority at all.
5. Invest In Password Security and Multi-Factor Authentication
Single-factor methods of authentication (i.e. username and passwords) are no longer a sufficient security control. Whilst you can invest and strengthen password security through programs such as a password manager, it is also worth considering authentication.
- Two-factor or multi-factor authentication is an essential to providing an additional layer of protection to organization’s sensitive data
- Mobile authentication enables businesses to control which mobile devices access corporate resources
6. Secure Your Emails with S/MIME
More than 90% of ransomware attacks are executed through phishing emails. Securing your business’ emails can give trust to your customers and stakeholders that the communications received by those within your company are valid and legitimate. You can do this with a protocol called S/MIME. In a nutshell, S/MIME uses two cryptographic functions which can verify the email sender’s identity and protect the communication when in transit on mail servers through the use of encryption.
By using such a protocol, not only can you increase customer trust but also protect your business by blocking potential phishing attempts, and allow your business to implement remediation.
7. Implement or review your Bring Your Own Device (BYOD) Policy
Since the pandemic, homeworking and hybrid-working have increased in popularity, and with this some employees have being using their own devices to gain access to the company’s network. But with this comes risks; lost or stolen devices, password protection, mobile app breaches, and non-encrypted data and connections.
If your employees are using their own device, consider implementing a BYOD policy, and if you have one already in place, review it for weaknesses. Read our white paper on BYOD and discover tips on creating a balanced strategy and the solutions available to help protect your company.
8. Have an Incident Response Plan and Team in Place
Prepare an Incident Response Plan (IRP) as soon as possible, either drafted by your CISO or through a company and legal committee – collectively known as the Incident Response Team (IRT). The IRT members make decisions and delegate tasks within the IRP, including full contact details as well as backup personnel.
9. Complete regular security audits
Your business should be continuously monitoring assets and deployment of technologies to contain threats. A security audit should be conducted regularly both internally and externally and include reviews of data security, operational security, network security, system security and physical security.
This list is definitely not exhaustive of all the options your business has to help protect your organization against ransomware, but it is a foundation to start building your fort against threat actors.