Forbes wrote a great article about protecting your organization against ransomware. Despite all the funds spent on state-of-the-art security software, the bad guys are always just one gullible user click away from staging an all-out invasion.
We’re seeing that all-out invasion play itself out almost every day of the week in the headlines.
In an article posted September 18, Forbes asked its Technology Council members to share their preferred methods to protect against becoming a ransomware victim. No surprises here that “Employee Training” was #2 on the list.
We agree. Security awareness trained employees are critically important frontline foot soldiers against this invasion. The untrained employee is one of the weakest links in your defense.
The Forber’s Technology Council’s “10 Approaches You Can Take To Shield Yourself Against Ransomware Attacks”
1. Engage With Ethical Hackers To Find Your Security Vulnerabilities Before The Bad Actors Do
More and more businesses and government agencies are engaging with independent security researchers to help them find vulnerabilities in their systems that they otherwise wouldn't. Most cyberattacks are executed via security holes unknown to the target organization, so having well-intentioned hackers find vulnerabilities in our computer systems is the closest we can get to real-world conditions. - Alex Bekker, HackerOne
2. Train Your Employees
Most hacking is really just social engineering. Minimizing the chance of this through employee training is probably the single-most important thing to do. It’s also important to layer filtering in order to prevent phishing emails from showing up in your inbox in the first place. - Timothy Chaves, ZipBooks Online Bookkeeping Services
3. Frequently Backup And Automate Quarantining
What's saved us from ransomware multiple times is that we ensure all of our devices are backed up regularly by using a service account that pulls files off of each device. Files are zipped before reaching the backup location, and the backup only accepts zip files. When our device management agent sees an infection on a device, it becomes automatically quarantined, blocking all network connections. - Brian Fritton, Patch of Land
Note: There are additional backup strategies we discussed to save your data from a ransomware attack. See https://blog.knowbe4.com/ransomware-can-destroy-backups-in-four-ways
4. Practice A Least-Privilege Approach
Besides consistent robust backups and security awareness training, we practice the least-privilege principle. All users use a non-privileged account and, escalate permissions and privileges based on needs, thereby reducing unnecessary risk to ransomware attacks or other security breaches. By taking a proactive approach, your company places itself in a better position to prevent an attack. - Alexandro Pando, Xyrupt
5. Always Install System Updates
Following security best practices -- such as not reusing passwords, using multi-factor authentication and immediately installing system updates as they are released -- goes a long way. A lot of the casualties of WannaCry were the result of systems running on unpatched legacy software. Stringent data access and thorough backup policies will also render crypto-locker attacks much less effective. - Saul Diez-Guerra, Thinkful
6. Implement A Plan For Continuous Operations
Businesses should certainly do everything they can to block ransomware and other attacks from occurring. However, hackers are typically a step or two ahead of the cybersecurity industry; therefore, attacks will happen. The most important thing that a company can do is ensure continuous operations by having a robust and easily implemented data and infrastructure recovery plan. - Jonathan Babad, DIRECTED
7. Have A Response In Place To Handle Attacks As They Happen
While preventative measures have their place, the best defense against breaches is a robust incident response strategy, which should be able to not only detect the signs of ransomware but automatically analyze, isolate and contain the threat so that it cannot cause additional damage. Closing the loop creates a more impervious defense, regardless of when, where and how many points of entry exist. - Gabby Nizri, Ayehu Inc
8. Use Software-Defined Storage With Continuous Data Protection
Traditional backup systems leave too much data unprotected and do not offer sufficient protection. A highly effective way to protect against ransomware, which we use in our IT operations, is software-defined storage with continuous data protection. CDP enables IT to recover data prior to a ransomware attack. Proper ransomware protection includes CDP, remote backups and up-to-date security software. - George Teixeira, DataCore Software
9. Don't Be An Easy Target
Most cybercriminals using ransomware attacks go after easy targets. They specifically victimize organizations with weak patch management, slip past unrestricted firewall policies, and exploit well-known and easily detected vulnerabilities. Avoid becoming a statistic by promoting strong security hygiene and following industry best practices for secure and well-architected infrastructures in the cloud. - Justin Lundy, Evident.io
10. Follow These Key Steps
Our company’s ransomware protection policy is based on the following principles: Install the latest Windows OS version, keep on OS vulnerabilities patching schedule and filter browser traffic with the help of a proxy server. - Boris Shiklo, ScienceSoft
EXCELLENT ADVICE !
See how user training works with a live, one-on-one demo.
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:
https://info.knowbe4.com/kmsat-request-a-demo
