It’s Friday morning, and you are the first one to arrive at the office because, honestly, you want to be the first one out so you can finally meet your friends for happy hour. It’s been a long week, and gosh darn it, you deserve a little fun.
You go through the motions of opening the office – turn off the alarm, turn on the lights, brew yourself a cup of coffee, and sit down, enjoying the silence and the beautiful potential to get your work done before office-hour distractions put a damper on your productivity.
After pushing the power button on your desktop, you glance outside at the people from another office doing calisthenics in the parking lot, and you feel a bit smug that you have already tackled your workout this morning, albeit in the dark. This is going to be the best day ever.
As you glance back at your computer, you see an unfamiliar screen, an image that looks like this:
You stare at it. You read it again and again. So, what - only my personal files are encrypted? This is my work desktop. Have they encrypted my work files? Do they have my clients’ personal information? What kind of damage have they done already?
Don’t expect to get an answer from a hacker.
You don’t touch anything, but you are keenly aware that the little voice inside your head is shrieking, and your happy hour plans are in jeopardy.
Now what?
No, really, what are you going to do? Right. Now.
Don’t Wait for the Inevitable
It’s just a matter of time before a hacker determines that your company is valuable - and vulnerable enough to target. Look around your organization. What is your most valuable asset? Can’t determine just one? Maybe you have lots of sensitive data? Perhaps you design, produce, and distribute an essential infrastructure component? Maybe your product research can be sold to competing companies on the black market? Maybe your entire net worth is locked in your corporation, and you truly can’t afford to be offline for days or weeks, when even hours of downtime will impact your bottom line.
Your organization is too important to be destroyed on the whim of hacker. But obviously not precious enough to have taken the time to prepare and invest in a robust cybersecurity strategy, implement Vulnerability and Risk Management solutions, and insist that your teams use the 3-2-1 data backup protocol.
Always be Prepared
No one wakes up knowing that today is the day to put up your best defenses. That’s like knowing when you will be the victim of a car accident to decide when to wear your seatbelt. You take safety precautions when participating in risky activities and maintain health insurance. Running a business carries the same kind of risk, and you must take every precaution to protect your physical and digital assets. While it might make sense to buy cybersecurity insurance as a financial buffer, insurance won’t help you get up and running faster after an attack.
It takes you a bit longer than it should. Still, you make the call to your Security Operations Center (SOC) to deploy cybersecurity experts and the Incident Response team so they can discover the impact of the attack and take charge of remediation and recovery efforts.
And if you don’t have a SOC? Curse like a sailor, give yourself a big kick in the pants and note the following information.
How to Defend Yourself Against a Ransomware Attack
What lessons have you learned from a previous cyberattack on your own company or another company in your industry? The painful experience usually leads to greater executive buy-in to tighten data and security controls – but why wait until after an event? Improve your cybersecurity posture NOW!
Here are some fundamental cybersecurity tips:
- Use cybersecurity awareness training to make your employees aware of phishing emails and texts to avoid downloading any unfamiliar attachments and apps
- Update and install patches when available to plug security vulnerabilities
- Implement multifactor authentication (MFA) on all devices and for all users
- Use two firewalls instead of relying on one
- And most importantly—BACK. UP. YOUR. DATA.
The Cybersecurity & Infrastructure Security Agency (CISA) has a helpful recorded presentation on how to identify, respond, and remediate after a ransomware event. Watch the seminar here.
Where are you on the Cybersecurity Matrix?
Cybersecurity is a business problem – one that can't be fixed with individual tools. The best ransomware response plan is one that is part of an overall cybersecurity strategy, built in advance and designed to protect your business outcomes.
What you need to protect your business is a cybersecurity framework that delivers the overall structure to protect the business.
Address the following elements of the Cybersecurity Defense Matrix to map your cyber maturity and highlight areas for improvement:
- Agree on how much risk you are willing to tolerate
- Assess the effectiveness of your current risk management program
- Understand the impact of an attack on critical processes
- Who is responsible for vulnerability management?
- Define what you need to protect (devices, applications, network, data & users)
- Determine actions needed to implement protection across your IT environment
- How do you identify, protect, detect, respond to, and recover from an event?
If you don't have the time or resources to focus on improving your business's cybersecurity maturity, please reach out to a Managed Service Provider (MSP) or Managed Security Services Provider (MSSP), like TBConsulting (TBC). TBC has 25 years of on-the-ground (and in the cloud!) IT experience and can support your launch into cyber maturity. TBC delivers white-glove IT services to businesses, from small to enterprise-level, and is focused on the success and growth of our clients across multiple industries
If you are interested in learning more about how to best protect your business from cyberattacks, please reach out and schedule a chat with one of our cybersecurity experts. Want to know the best tools, the best processes, our favorite tech tactics? Ask the experts!