Cybercrime is evolving rapidly thanks to the pace at which technology is improving. Ransomware is one of the most common forms of attack businesses face. Many large businesses have fallen victim to ransomware attacks, and unfortunately, this perpetuates the impression that small and medium-sized companies aren’t on an attacker’s radar. This is not the case.
In October 2019, an IT consulting firm based in Wisconsin paid an undisclosed sum to an attacker who had blocked client access to patient medical records. While just 20% of ransomware victims are small businesses, over 85% of security service providers report that ransomware is one of the most common threats a small business faces.
To create a plan to protect yourself from a ransomware attack, you need to execute certain steps to make your business resilient. You also need to prepare for the worst-case scenario where you’ll be attacked.
Let’s first examine what you can do to build resilience.
The first step you need to take is to conduct a thorough review of your current security measures. Many small companies install a cybersecurity product and believe that this single solution will protect them. Cybersecurity is a continuous process, not a one-time job. You need to conduct cyber risk assessments regularly and make sure your software is kept current with the latest patches and upgrades.
Small businesses often can’t afford to install enterprise-grade security systems, but there are a few things you can do to overcome this obstacle. First, create a map of your assets and order them by the risk a breach in them poses to your business. If you have an IT department, it’s critical that both business and IT work together to create this map. Relying solely on IT to identify critical business assets might lead to an incomplete picture.
Develop a resilience plan for your most critical assets. A resilience plan includes backup schedules, business continuity plans, and recovery plans. For example, you could back up the data connected to your most critical assets more frequently than you do for others. You should also review the security of your backups and test whether you could actually run operations from that data if your primary systems were compromised.
It’s essential to create an asset risk map for your business because most small businesses respond to every threat in the same manner. A risk to a low criticality asset should not be treated with the same degree of urgency as a threat to a highly critical one. Since cybersecurity is a continuous process, you must devote additional resources to continue monitoring your plans for highly critical assets.
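The asset risk map and the tiered backup schedule above can be turned into a recurring check. The following is an added example, not code from the original article: a constructed inventory (asset names, tiers, timestamps and field names are all assumptions) is scanned for backups older than the tier's allowance, restores not tested recently, and assets without an offline copy, reporting the most critical assets first.

```python
from datetime import datetime, timedelta

# Constructed policy: maximum tolerated backup age per criticality tier.
MAX_BACKUP_AGE = {
    "high": timedelta(hours=4),
    "medium": timedelta(days=1),
    "low": timedelta(days=7),
}
MAX_RESTORE_TEST_AGE = timedelta(days=30)
TIER_ORDER = {"high": 0, "medium": 1, "low": 2}

# Constructed sample inventory; field names are assumptions, not a real schema.
ASSETS = [
    {"name": "patient-records-db", "criticality": "high",
     "last_backup": "2024-05-01T06:00:00",
     "restore_tested": "2024-04-20T00:00:00", "offline_copy": True},
    {"name": "billing-app", "criticality": "medium",
     "last_backup": "2024-04-30T22:00:00",
     "restore_tested": None, "offline_copy": True},
    {"name": "marketing-site", "criticality": "low",
     "last_backup": "2024-04-20T00:00:00",
     "restore_tested": "2024-04-25T00:00:00", "offline_copy": False},
]


def backup_findings(assets, now):
    """Return (asset, issue) pairs, most critical tier first.

    'stale_backup'     last backup is older than the tier allows
    'restore_untested' no restore test within MAX_RESTORE_TEST_AGE
    'no_offline_copy'  every copy is reachable from the primary network
    """
    findings = []
    for a in sorted(assets, key=lambda x: TIER_ORDER[x["criticality"]]):
        age = now - datetime.fromisoformat(a["last_backup"])
        if age > MAX_BACKUP_AGE[a["criticality"]]:
            findings.append((a["name"], "stale_backup"))
        tested = a["restore_tested"]
        if tested is None or now - datetime.fromisoformat(tested) > MAX_RESTORE_TEST_AGE:
            findings.append((a["name"], "restore_untested"))
        if not a["offline_copy"]:
            findings.append((a["name"], "no_offline_copy"))
    return findings


def findings_at(now_iso, assets=ASSETS):
    """Convenience wrapper: evaluate the inventory at an ISO-8601 timestamp."""
    return backup_findings(assets, datetime.fromisoformat(now_iso))


if __name__ == "__main__":
    for name, issue in findings_at("2024-05-01T12:00:00"):
        print(f"{name}: {issue}")
```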
Disaster Handling and Recovery
While installing top-notch protection is great, you must prepare for the worst and have a recovery plan. The first step to take is to review the guidance from the No More Ransom project. One of the most critical questions to ask yourself is whether you are willing to pay a ransom to unlock your files.
There’s no guarantee that the keys you receive from the attacker will help you recover your files. The standard advice is to refuse to negotiate with attackers. This is why your backup plans are important: they give you a stronger negotiating position. Make sure your employees are aware of your official approach to an attack. Your entire organization has to be on the same page during such times. Luckily, small businesses tend to find it easy to communicate official stances to their employees because they have so few of them.
Most importantly, do not lose any time in reporting the incident. Ransomware spreads quickly, and the sooner you report an attack, the sooner it can be contained and resolved. Don’t think reporting a ransomware attack is embarrassing or that you’ll suffer a loss in reputation. Reporting an attack quickly will prove you’re a responsible organization.
An Evolving Threat
There isn’t a single solution to ransomware attacks. Like the rest of cybercrime, it’s an evolving threat that small businesses have to keep pace with. Reviewing your plans and adopting best practices is the way forward. The framework you’ve just read will help you do this.
Testing your resilience is critical. Run frequent fire drills that simulate an attack. Review the results regularly and make sure your IT team is up to speed on the latest best practices in the industry. If possible, use a continuous monitoring security system that actively scans and simulates threats to your business.
When training your employees, make sure you focus not just on making them aware of cyber threats but also on changing their behavior. Installing the latest anti-malware solution isn’t of much use if your employees are going to fall for phishing emails. Conduct interactive exercises instead of seminars and create collaborative workshops between technical and business users so that everyone is on the same page regarding cybersecurity.