Q1 of 2016 saw a 3,500% boom in the number of ransomware domains created—and now IT pros everywhere are in a showdown with ransomware, hoping their users don’t accidentally make the first move.
To prevent a ransomware attack, tech experts and information security leaders should do the following:
- Keep clear inventories of all your digital assets and their locations so cybercriminals do not attack a system you are unaware of.
- Keep all software up to date, including operating systems and applications.
- Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
- Back up all information to a secure offsite location.
- Segment your network: Don’t place all data on one file share accessed by everyone in the company.
- Train staff on cybersecurity practices, emphasizing that they should not open attachments or links from unknown sources.
- Develop a communication strategy to inform employees if a virus reaches the company network.
- Before an attack happens, work with your board to determine whether your company will plan to pay a ransom or launch an investigation.
- Perform a threat analysis in communication with vendors to go over cybersecurity throughout the lifecycle of a particular device or application.
- Instruct information security teams to perform penetration testing to find any vulnerabilities.