Many organizations seek comfort in the notion that ransomware attacks only target 'big business' or those behind world-shaking products. However, the truth is becoming harder to deny. Recent years have seen a third of small-to-medium (SME) businesses attacked worldwide. And this pattern has escalated since the pandemic. Fortinet's Global Threat Landscape Report revealed a sevenfold increase in ransomware attacks in the fourth quarter of 2020 alone. As recently as February 2021, CD Projekt Red, a gaming software company, was hit and nearly crippled by the ransomware gang HelloKitty.
What if I take my chances?
Cybersecurity often shares the loathsome space beside insurance. It's seen as a hassle—something you do because you need it for an audit—rather than a crucial activity that keeps your business safe. Imagine this: you're walking across a crowded parking lot, your arms loaded down with shopping bags. You throw them inside the car and turn on your heels to shop some more. Of course, you'd never leave without locking the car. You even bury the most expensive packages in the trunk before you go. In the same way, you should never leave your valuable business assets in the open and unguarded. Yet, an organization without a sound cyber strategy does just that.
Ransomware prevention best practices
Understanding it keeps our companies (and therefore our employment) safe, certain security activities and software are essential protection, not just insurance. Here are four threat prevention measures all organizations should champion:
- Start with a good antivirus and antimalware package to combat the multiple attack methods employed by cybercriminals.
- Initiate a training program and regular all-hands meetings to build awareness of phishing emails. The human factor is the most significant weaknesses and common ransomware target.
- Enable multi-factor authentication for your remote workforce, if not all employees, especially those with privileged access.
- Reinforce the importance of long and strong multi-character passwords. As mundane as it sounds, they're still a powerful part of any anti-ransomware toolkit. A password manager like LastPass can help.
No one can say with conviction, "it won't happen to me," but you can reduce your risk. Adopt a new perspective on cybersecurity and secure the safety—and vitality—of your business.
Need help forging a solid cybersecurity plan? ERP Suites can help. Reach out anytime to learn more about our range of IT security services.
Shawn Meade
Shawn Meade leads the Information Security team at ERP Suites. He has been in the IT industry for over 20 years and dealt with Information Security throughout his career including work with PCI, HIPPA, and HITRUST.
