Ransomware and malware attacks – 5 best practices you should follow
World Bank statistics show that small and medium enterprises (SMEs) play a vital role in most economies and account for 90% of businesses and 50% of employment globally. These include enterprises such as restaurants, dental practices and start-ups, as well as established businesses. Still, cybersecurity is not always at the forefront of concerns for SME owners, and as such they are often ill-prepared to deal with cyber threats. The mistaken belief that “we are too small to be worth it to cybercriminals” is exactly what makes SMEs the perfect target. Cybercriminals count on small businesses to forgo cybersecurity countermeasures so they can access their networks to steal company, customer and financial data. The statistics speak for themselves: ransomware attacks cost an estimated $915 million in 2020, phishing accounts for 90% of all reported data breaches, and the reported losses for cybercrime in 2020 exceeded $4.1 billion. We consider 5 best practices to help SMEs prepare for ransomware and malware attacks:
- Regularly conduct network assessments
- Use zero-trust network access
- Educate your employees
- Create a mobile device action plan
- Automate your response
Cybersecurity should never take a back seat, as inadequate cybersecurity planning can lead to ransomware attacks and other network issues that, overall, will have a substantial cost impact to fix. Cybersecurity incidents can vary from distributed denial-of-service (DDoS) attacks causing hours of downtime and revenue loss to malware attacks, including ransomware, that can ultimately lead to a company going out of business. Even though large enterprises are considered more lucrative prey, SMEs should not relax their efforts to defend against such attacks.
1. Regularly conduct network assessments
Before a business can implement a cybersecurity roadmap, it should first conduct a network assessment to determine, among other things:
- which network-connected devices need to be secured or removed
- whether there are network functionality issues
- if any infrastructure (hardware/software) must be updated
- if there are any network security issues such as open ports or active cyber threats.
It is important to perform regular network assessments to better secure your company’s network and determine which parts of your network infrastructure need security updates.
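The four checks listed above can be run repeatedly by comparing each scan against an approved baseline. The following is an added example, not code from the original article; the baseline, the scan records, the field names and the `assess` function are all constructed for illustration.

```python
# Approved baseline (constructed): what each known device may expose and
# the minimum software version it must run.
BASELINE = {
    "10.0.0.10": {"name": "file-server", "ports": {22, 445}, "min_version": (2, 4, 0)},
    "10.0.0.20": {"name": "pos-terminal", "ports": {443}, "min_version": (1, 9, 3)},
    "10.0.0.30": {"name": "printer", "ports": {631}, "min_version": (3, 0, 0)},
}

# Scan result (constructed), in a shape a scanner export could be normalised to.
SCAN = [
    {"ip": "10.0.0.10", "open_ports": [22, 445, 3389], "version": "2.4.1"},
    {"ip": "10.0.0.20", "open_ports": [443], "version": "1.8.0"},
    {"ip": "10.0.0.77", "open_ports": [23, 80], "version": "0.9.0"},
]


def parse_version(text):
    """Turn '1.8.0' into (1, 8, 0) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))


def assess(scan, baseline):
    """Return (ip, finding, detail) tuples, one per issue found."""
    findings = []
    seen = set()
    for host in scan:
        ip = host["ip"]
        seen.add(ip)
        approved = baseline.get(ip)
        if approved is None:
            # Device is on the network but not approved: secure or remove it.
            findings.append((ip, "unknown-device", sorted(host["open_ports"])))
            continue
        extra = sorted(set(host["open_ports"]) - approved["ports"])
        if extra:
            findings.append((ip, "unexpected-open-ports", extra))
        if parse_version(host["version"]) < approved["min_version"]:
            findings.append((ip, "update-required", host["version"]))
    # Approved devices that did not answer point to a functionality issue.
    for ip in sorted(set(baseline) - seen):
        findings.append((ip, "not-seen", baseline[ip]["name"]))
    return findings


if __name__ == "__main__":
    for ip, kind, detail in assess(SCAN, BASELINE):
        print(f"{ip:<12} {kind:<22} {detail}")
```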
2. Use zero-trust network access
Over the last few years, zero-trust network access (ZTNA) has emerged as an alternative to VPNs. VPNs are still a great way to secure your network, but they have exhibited certain issues related to latency, productivity and scalability. Zero trust is founded on the belief that no organization should automatically trust anything originating inside or outside its network unless there is proof to the contrary. ZTNA protects against the security risks of automatically trusting everything within an organization’s network, such as programs, software and more, which opens the organization up to cyber breaches.
3. Educate your employees
Cybercriminals become savvier by the day, which makes it essential to regularly update protocols and hold employees accountable. For this reason, all employees with network access should receive adequate and continuous training on cybersecurity best practices and security policies to ensure they are informed and understand the implications of not following security policies and practices.
4. Create a mobile device action plan
Mobile devices can pose substantial security and management risks, especially if they have access to an organization’s network. Users should be required to password-protect their devices, encrypt their data and install the necessary security software to prevent cybercriminals from accessing and stealing information while the phone is on a public network.
5. Automate your response
Finally, it should be accepted that no organization will ever be 100% immune to ransomware or malware attacks. During a ransomware attack, speed of action is critical, since the ransomware is trying to encrypt as much as possible, both on the first computer infected and on all others connected to it. The fastest way to respond to an attack is by automating your ransomware attack/cybersecurity plan.
Cybercriminals use automation to improve the speed with which they deploy ransomware and malware attacks. One of the best ways to keep up with and defend against these threats is to employ automation as part of your cybersecurity strategy. Plan4Continuity automates the process of creating, activating, reporting, and simulating cloud-based cyberattack plans as part of your business continuity strategy.