Build these five habits to reduce the risk of ransomware

An image of Randomware, Security & Data, Build these five habits to reduce the risk of ransomware

David Emm, Principal Security Researcher, Kaspersky, shares with Top Business Tech the five key ways in which IT leaders can ensure that their organisations are protected against ransomware attacks.

Following a spate of high-profile attacks, it is all too easy to consider ransomware a threat to large, well-known businesses. Research, however, suggests this is far from the case. There are plenty of reasons for small or medium businesses (SMBs) to be proactively approaching the issue of ransomware. 35% of SMBs hit by a ransomware attack in 2020 at an average cost of US$183k[1]; this is a trend that shouldn’t be ignored.

SMB’s can no longer treat cybersecurity as a lesser priority compared to other businesses issues. Pre-emptively securing your businesses, as well as building a plan, is now essential for business continuity. This is to say, if the threat of ransomware isn’t on your radar, you are putting your business and its data at substantial risk. 

In light of the recent Anti-Ransomware Day, here are some key measures and best practices for businesses.

1. Backup systems as an ongoing process

Making system backups should be a regular process, and ensuring they are up-to-date and accessible is vital. And keep them on devices not connected to the corporate IT network. That will keep data safe if the entire network is ever compromised. Also, ensure you can find and invoke backups quickly in case of an emergency. This is great practice for any number of situations, not just ransomware. Think of it like being able to go back in time to before any incident caused loss or corruption of company data. One big benefit of this approach is that the business can continue running smoothly without downtime interruption. 

2. Consider updates a cybersecurity essential

Making updates when prompted by your operating system can seem like an unnecessary pain – particularly if you’re making great progress on work or have a list of emails to send. But, running an update on your OS or business software can provide critical security updates, as well as features that may just do the work you’re doing easier. Instead of seeing it as wasted time, use it to stretch your legs, rest your eyes, grab a drink, and come back with renewed focus – and most importantly, a secure machine.

3. Maintain communication around cybersecurity

Knowledge is power when it comes to being safe online, so make sure you talk to your employees about the variety of cybersecurity threats they might encounter, whether phishing emails, untrustworthy websites or software downloaded from unofficial sources. Make the process relaxed and informal with an ‘ask me anything’ online session accompanied with plenty of imagery and real stories to keep it engaging and relatable. If a more formal approach is needed, consider interactive training and tests to ensure staff remain vigilant. Special attention is paid to employees who work with sensitive data, such as accountancy, legal, and HR.

4. Remain disciplined with safe passwords

Not all passwords are created equal, so make sure you use strong ones to access corporate services and use multi-factor authentication to access remote services. This is particularly important for business services like accountancy, where such precautions can save data and money from accidental or deliberate actions. Take the example of a lost laptop. Most businesses are prepared for the loss of physical property, but it’s only with secure passwords that they can be reassured that data will remain secure should the laptop fall into the wrong hands.

Password managers can be an effective way of making this process easier. These software programs create, store and enter secure passwords for you so that all you need to remember is the password to launch the password manager. This removes the barrier to remembering multiple different passwords, which often leads to individuals using weak passwords or one password across multiple accounts. 

5. Plan for the worst

When instances of data loss occur for any reason, panic often ensues, with different departments assessing how it will affect them and their teams. Response and crisis communication plans will take the edge off a terrible situation if the worst does happen. See it as a shelter and a stock of supplies against a future storm that will help your business better weather it by saving time on decision-making if an urgent response is needed.

What if the worst happens?

Ransomware is a threat to businesses of all size and scope, and it remains crucial to stay vigilant. As a rule, never pay the ransom. Although this may seem like the best and only option at the time, this will not guarantee that seized data will be returned. On the contrary, it will only confirm that the perpetrator’s activity works. To tackle ransomware long term, we all need to do our part to show that crime doesn’t pay.

Notably, our global study of 15,000 consumers found that only a quarter of those who paid fraudsters ever got their data back. The top priorities following a data breach should be to report the crime to your local law enforcement agency or find a decryption tool online through a reputable source such as No More Ransom.

There is no magic solution for ransomware attacks, and this is especially the case after they have occurred. For businesses of all sizes, however, cybersecurity can be enhanced massively by simply cultivating good habits. By making cybersecurity a seamless part of your day-to-day operations, you limit the potential of a vulnerability and limit the effort required to be ‘cybersecure’. 

READ MORE:

  [1] According to Kaspersky IT Security Risks Survey 2020. For the survey, 5,266 IT business decision-makers were interviewed across 31 countries in June 2020.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

An image of Randomware, Security & Data, Build these five habits to reduce the risk of ransomware

David Emm

David Emm is Principal Security Researcher at Kaspersky, a provider of security and threat management solutions. David joined Kaspersky in 2004. He is a member of the company's Global Research & Analysis Team (GReAT) and has worked in the anti-malware industry since 1990 in a variety of roles, including that of Senior Technology Consultant at Dr Solomon's Software, and Systems Engineer and Product Manager at McAfee.

Right Sizing & Workload Optimization in the Cloud

Joon Lee • 11th September 2023

Organizations facing the challenges of scaling their cloud infrastructure can achieve improved performance by implementing the principles of right sizing their infrastructure. This practice is essential for optimizing cloud infrastructure and enhancing its overall effectiveness. In this guide, we will discuss the benefits of right sizing, including optimizing costs, eliminating waste and improving performance. We’ll...

OVHcloud Is at the Forefront of the Data Revolution

Karen Kokiko • 11th September 2023

Information technology is going through a digital transformation and reshaping how we do business, how we interact, how we make decisions, and how we influence our society. OVHcloud® is at the forefront of this data revolution, standing apart from the competition with a strong commitment to creating a level playing field and the opportunity for...

Nutanix on OVHcloud US Offers a Hybrid Multicloud Solution

Joon Lee • 11th September 2023

Nutanix is a leading cloud computing software company that helps companies simplify their cloud strategies by using hyperconverged infrastructure (HCI) environments. Hyperconvergence is a software-centric architecture that tightly integrates compute, storage, networking, and virtualization resources and other technologies on commodity hardware servers supported by a single vendor.

OVHcloud Is at the Forefront of the Data Revolution

Karen Kokiko • 11th September 2023

Information technology is going through a digital transformation and reshaping how we do business, how we interact, how we make decisions, and how we influence our society. OVHcloud® is at the forefront of this data revolution, standing apart from the competition with a strong commitment to creating a level playing field and the opportunity for...

Can Europe take on the US Cloud giants?

Richard Hilton • 30th August 2023

With so many issues coming up about cloud storage, what is the solution to the dominance of the major giants like AWS (32%), Microsoft (23%) and Google (10%) taking 65% of the world cloud market?

The race to dominate the AI space

Kevin Cole • 24th August 2023

The launch of Chat GPT-4 in March of this year provided the catalyst for a conversation that has been gaining momentum for some time now: How will artificial intelligence (AI) change the world?