What steps should businesses take for ransomware protection? 44 security experts weigh in

Ransomware is on the rise as cybercriminals turn to increasingly savvy and tougher-to-prevent means of monetizing cyber attacks. For businesses who become victim to ransomware attacks, the consequences can be devastating — ransomware that lands in some shared locations within networks can literally paralyze an organization’s operations. Thus, becoming savvier about preventing and defending against such attacks is vital for every business — and not just major enterprises, but businesses of all sizes.

But ransomware is notoriously challenging to prevent altogether, leaving many companies to believe that a reactive approach is the only way to go. While knowing how to fight back if your company is attacked by ransomware is critical, taking proactive steps to minimize the odds that your organization falls victim to ransomware is equally necessary. Preventing ransomware attacks in the first place can save your business tens of thousands of dollars — or perhaps millions — in losses due to interrupted operations, data loss, and other consequences. To gain some insight into how today’s companies are protecting themselves from and defending against ransomware attacks, we reached out to a panel of 44 security pros and business leaders and asked them to answer this question:

“How can businesses best defend against ransomware attacks?”

So how can modern organizations fend off ransomware attacks, and if your business becomes a victim to ransomware, what actions should you take to defend your company? Read on to find out what our experts reveal about what businesses should do to best defend against ransomware attacks.

 

Greg Kelley - Vestige CTO lft smallGreg Kelley is CTO for Vestige Digital Investigations, a company that performs digital forensic services and data breach response for organizations.

“Defense against ransomware attacks is a multi-layered approach…”

The first step is to verify that you have good backups of your data. Verify means that you have restored data from your backups. If you are just relying on your backup program to tell you it worked properly, you are setting yourself up for a big disappointment. The only way to know that you have good backups is to restore some of the data. Good backups also mean that you are backing up all of your critical data and backing it up in a time frame that fits your business needs. If you back up critical data once a month and you get hit by ransomware, any changes to that critical data since the last backup will be lost. Therefore, a company must consider what is an acceptable period of time to lose critical data and configure their backups accordingly.

The next step in defending against ransomware is employee education. Employees should be educated to understand that opening up every attachment sent to them is not a good thing. If the attachment is coming from an email address or name that is not recognizable, it should be discarded or provided to IT for review prior to opening. Of course, the final layer is practicing proper patch management and anti-virus scanning (including over email) but quite often ransomware gets past these safe guards hence the reason for proper backups and employee education.

+ READ FULL ARTICLE

Article Information
Digital Guardian
By Nate Lord
https://digitalguardian.com/blog/ransomware-protection-attacks