Apr 07, 2020
How to Stop Ransomware in 2020
Read this original story in Forbes.
Technology touches nearly every corner of our daily lives, and we heavily rely on it to support critical decisions both while at work and at home.
However, the technology that we lean on is under attack. According to the Beazley Breach Briefing – 2020, ransomware incidents increased by more than 130 percent in 2019. It’s no longer a question of if your organization will be attacked by ransomware, but when.
Practicing good cyber hygiene is critical to protecting against ransomware attacks that can force business operations to a grinding halt. Yet, it’s not too late to consider ransomware protection and these key defense strategies to diminish the impact of an attack.
- Endpoints: Organizations have many different types of endpoints across their entire business and they do not always have a complete inventory or understand their risks. Securing endpoints is no longer just installing antivirus. It now encompasses managing the hygiene of all endpoints, including configuration and patching.
- Two-factor authentication: Hackers collect employee credentials by phishing or harvesting previous breaches. They then use stolen employee login credentials as the key entry into an organization's infrastructure to deploy ransomware. Consider adopting two-factor authentication to significantly reduce the risk of an attack.
- Conduct an inventory of the threat landscape: Understanding the threat landscape is paramount to protecting your organization's IT infrastructure. This includes identifying the critical assets and data, understanding how they fit into the workflow, and how they might be exposed to hackers.
- Develop a list of who has access to your assets: This list should extend beyond just your employees, including partners and customers. This will add clarity helping to determine the accounts that might be targeted by hackers.
- Create a business continuity strategy: While attacks can be mitigated, there’s no way to guarantee protection for your organization. A business continuity and disaster recovery (BCDR) solution should be an essential component of a larger strategy to support business activities if attacked.
- Education: Use your employees to help manage risk by educating them on how to spot the signs of an attack. Consider a cybersecurity training so employees can learn just how ransomware can be harmful to their organization.
- Assess your plan: IT infrastructure and threat landscapes are constantly evolving. Conduct quarterly audits of your cyber hygiene practices and compare it to your previous one. This will help to identify new gaps or weaknesses.