Cyber criminals are increasingly using ransomware attacks to extort money from organizations around the world. Large hospital groups are the latest high-profile victims, but businesses of all sizes and types are being attacked every day. Recovering from a ransomware attack can cost thousands of dollars in damages, repairs, and lost productivity. So what can you do to avoid an attack?
Prepare. Much like a soldier preparing for a mission, you should always prepare for the worst to minimize your risk of attack. Here are a few ways to layer your defense:
- Back up your data securely on a regular basis. Try to avoid backing up your data on flash drives and external hard drives as these devices are more prone to malware attacks, such as the Cryptolocker virus. Keep your backups secure, by ensuring they aren’t connected to the computers or networks you’re backing up.
- Ensure your antivirus software is up-to-date. Threats are constantly changing and updating your antivirus software and conducting regular scans is one way to stay ahead of the curve.
- Consider a Next Generation Firewall (NGFW) as opposed to a standard firewall. NGFWs are “smart” firewalls that scan every file as they enter your network and allow you to control traffic in a granular matter so employees can access the sites they need to without putting your network at risk.
- Get a Security Risk Assessment (SRA) and have regular scans in place. SRAs tell you what you’re vulnerable to and will you help protect your customer, patient, or employee data in the event of a breach.
Plan. Work with key leaders to develop a Disaster Recovery Plan for your business. How will your business continue to operate if you are a victim of a cyberattack? What steps will you take to recover your data and ensure your network and infrastructure are safe to operate after the attack has occurred? Having a solid plan in place will keep you
Educate. Educating your team members is a critical link in your defense structure. Education on topics such as how to spot a phishing attack can be quickly handled during a company meeting or training session. Show your employees examples of common attacks and demonstrate how users can be part of the defense of your network.
Communicate. Let your employees know what to do if a ransomware attack occurs. Additionally, all users should be well-aware of the company’s security policies and any subsequent updates.