How to Protect Your Business from Ransomware

Ransomware is here. Every week there are multiple stories in the news about entire municipal governments being hit and taken out of commission. Ransomware is real. It is not a joke.

Ransomware is a type of malicious software that encrypts (locks) the files on a computer, with the attacker demanding payment before the files are decrypted so that the victim can access them once again. It remains a massive threat to small-to-mid-sized businesses. From Q2 2016 – Q2 2018, 79% of MSPs report ransomware attacks against customers. In the first 6 months of 2018 alone, 55% report ransomware attacks against clients. 92% of MSPs predict the number of ransomware attacks will continue at current, or worse, rates.

Lack of cybersecurity education is a leading cause of a successful ransomware attack. Phishing emails are the top ransomware delivery method followed by malicious websites, web ads, and clickbait.

The aftermath of a ransomware attack can be crippling for a business. Unprepared, business-threatening downtime is inevitable. The cost of business downtime is 10X greater than the cost of the ransom requested. MSPs report the average requested ransom for SMBs is ~$4,300 while the average cost of downtime related to a ransomware attack is ~$46,800.

No industry is safe from ransomware and there is no solution that will 100% protect your business. Your plan has to be multifaceted and must ultimately rely on an expedient method to recover.

Here is what you need to do:

  • Businesses must prepare the front line of defense: your employees. Today’s companies must provide regular and mandatory cybersecurity training to ensure all employees are able to spot and avoid a potential phishing scam in their inbox, a leading entrance point for ransomware.

  • Businesses must leverage multiple solutions to prepare for the worst. Today’s standard security solutions are no match for today’s ransomware, which can penetrate organizations in multiple ways. Reducing the risk of infections requires a multilayered approach rather than a single product.

  • Businesses must ensure business continuity with BCDR. There is no sure fire way of preventing ransomware. Instead, businesses should focus on how to maintain operations despite a ransomware attack. One way to do this is a solid, fast and reliable business continuity and disaster recovery solution.

  • Businesses need a dedicated cybersecurity professional to ensure business continuity. SMBs often rely on a “computer savvy” staff member to handle their IT support and not an IT expert. If a company cannot afford a complete IT staff for 24/7 cybersecurity monitoring, they should be leveraging a Managed Service Provider (MSP) who has the time and resources to anticipate and protect a company from the latest cybersecurity threats.