Over the past several weeks, cyber breaches have almost become a daily headline. The warnings started with IT vendors, moved to the FBI, and on June 2, 2021, the issue reached the White House where corporate leaders were challenged to strengthen their ransomware defense efforts. The White House has even released several best practices to reduce risk. To be successful in protecting our data requires more than a simple test or document. We must be proactive in our prevention of Ransomware. Below are some best practices to prevent the attack from happening to you and ways to prevent needing to pay the Ransom if you are breached.

While the items below are important for the protection of your business, they are also critical to the future growth and success of public and private sectors’ resiliency from cyberattacks. Here are five best practices every business should adopt in our fight to mitigate the risk of ransomware.

Current updates

Hardware and Software

There are two ways to stay updated.  First, hardware and software vendors are constantly patching their products to limit security flaws. Make sure your security or information technology team is installing the updates as they become available. There are programs out there designed to ensure the critical updates have been deployed. In a network environment, much of this can be facilitated from the server to ensure compliance and mitigate the risk of a vulnerability being exploited.

People

One of the largest variables when it comes to cybersecurity is the staff using the equipment. IT departments can secure equipment, but the staff needs to be aware of the surroundings. Make sure your staff is well trained and tested when it comes to social engineering attacks. Most breaches occur when the cybercriminal finds a way to engage with an unsuspecting user and one of a multitude of breach methods ensues.  Train your staff and test them often – at least once a month.

Backups are great. Restoring data is better

Too often, prospects call because they have been breached and they realize the backups have been encrypted as well.  Verify the data in the backup is available and can be restored. Having a backup onsite or on-net is a good way to perform restores quickly, but make sure to keep your primary backups offline so they can’t be deleted or locked by hackers. Having a backup at a remote site, but still on the network is not secure.  Make sure it’s off your network.

Test your response plan

Like any other business process, it is important to run a practice incident response simulating a service outage, lockdown, or natural disaster, is very helpful.  A preparedness test will identify any gaps in your recovery plans, so you are ready to recover before it’s too late.

Use a third party to simulate an attack

Hiring a third party specializing in vulnerability and penetration testing will assist in identifying vulnerabilities before the cybercriminals find them. This vendor will identify potential weaknesses in the network or proactively attempt to breach a network.  This exercise will allow you to either address the items internally or work with the vendor to close those security gaps. The cost for testing varies based on the type of exercise (searching for vulnerabilities versus designing a proactive attack) and the size of a business.

Layers are key

Ransomware attacks are posing an ever-increasing risk to every operational network everywhere.  Attempting to have one firewall or network device that protects everything is not a good strategy.  Tasks like segmenting network traffic, applying policies to isolate data and only allow users access to the data necessary to perform the tasks.  This idea of providing “least privilege” prevents a breach from growing beyond the breached data.

Conclusion

While this is a high-level overview of cybersecurity, at MCM Technology, we are focused on safeguarding your information and we will work diligently to ensure your protection.

As we have been hearing over the past year, “We’re in this together” and when it comes to Cyber security, there is no more accurate statement.  IT cannot protect a network without the help of the entire team.  We need to work together, and we will be on your side to assist you as we can. Please reach out to Jim Kramer at jim.kramer@mcmtsg.com for more information.