Protect your company from a ransomware attack
CIOs and the CISO have had one word on the tip of their tongues this past month – ransomware attack. The WannaCry ransomware attack has companies of all sizes, in all industries, on edge since locking down more than 300,000 systems in at least 150 countries. For some, the ransom is a small price to pay to regain access to invaluable files, data, and intellectual property, especially in hard-hit financial and healthcare organisations.
If you have not already paid attention to ransomware defences, now is the time to exercise diligence. A second wave of WannaCry is likely on its way, if it hasn’t already arrived, and other types of ransomware will continue to wreak havoc. So, how can you limit the risk of being held hostage by this or the next big threat on the horizon? There are several relatively straightforward steps to take to lessen your chances of falling victim to WannaCry and other malware.
- Be sure your software and security solutions are up-to-date, particularly if you run Microsoft Windows. Failing to install updates and patches leaves your systems vulnerable; all organizations should follow this advice, not just those at risk for WannaCry.
- Software patches are only a first defense, however. Ensure your network is adequately defended from threats by implementing additional cybersecurity best practices, including:
- Back up your data regularly. Data backups can’t be held for ransom! Some previous victims of ransomware attacks used backups to restore data and sidestep paying the attackers.
- Define and implement a multi-layered, defense-in-depth security approach that protects the many vectors ransomware looks to exploit. This helps limit the installation, spread, and execution of malware like WannaCry.
- Educate your employees about security best practices. Don’t underestimate the role of human error when malware strikes. Many cybersecurity breaches start with a careless, seemingly benign error made by a team member – like clicking on a link or attachment in a phishing email.
- Integrate state-of-the-art cybersecurity services and solutions into your security protocols. For example, using cloud-based solutions, like Cisco Umbrella, you can block connections from malware to internet-based command-and-control servers that can effectively trigger a “kill switch” and render a virus ineffective.
If you want to understand more and ensure you have the right security to protect your business and users, come and visit the Cisilion Innovation centre for a bespoke ransomware demo and speak to one of our security consultants about Cisco’s Security solutions.