Your objective is to mitigate the impact of your next ransomware attack.
- Get Serious about Patching – Systems sometimes go unpatched because they are preceived as too critical to touch too oftern. Most of the time it’s simply IT doesn’t have full visibility into all of their assets and what the current status is. Best to get your asset management act together and use that information to effective patching.
- Backup – Rethink how this is viewed. It not only is very important for events such as fire, floods, tornados, hurricanes or earthquakes anymore. Think of backup as a critical element of data defense. If your data is safely backedup, you can skip the payment of ransomware when they encrypt the critical data.
- Backup freqently to minimize the business impact or business continuety.
- Review the information that one may not think of as critical. If these items are lost, how long or much effort would it require to remake the files? This lack of productivity should be considered when deciding whether to back up some files or not.
- Consideration for backups that are off-line or air-gapped are important. Consideration on how to keep these from being encrypted or lost in the event something happens.
- Segment the network – Most ransomware attacks propagate across connected systems by taking advantage of system adminintrator privledges that run in the background. Are your various networks being monitored by the proper tools for suspicious activity?
- Up to date monitoring tools – Many enterprises have been slow to update tools for monitoring the systems. As the world changes, especially the attackers, keep the tools up to date for the most effective blocking of attackers.
- Invest in the next generation of technology – With new cybersecurity technologies available, keep your systems up to date. You maybe looking for malicious IP addresses, malicious code without requiring signatures, or deceptive attackers looking to explore your environment. Use the most effective recent tools.
- Develop Response Discipline – Risk mitigation isn’t just about preventing attacks. It is also about responding the best way when they do happen. If you improve your response you build cyber resilience and discipline into your organization.
- Educate Users – We may assume people will recognize something as simple as a phishing attack. This can be a very dangerous assumption. Train, train and retrain. This awareness needs to be built deeply into the brain and bones of everyone. Humans are imperfect and emotions can change an action at a very critical moment. Make sure everyone signs of on policies and procedures related to cyber events and phishing attacks. Create consequences for bad actions, and enforce them rigoursly.
One last piece of advice. FBI and other authorities say to never pay a ransom.
Curran Data Technologies – 800-628-9085 – CurranData.com