Listening to the news, you would be right to be concerned about the extreme levels of ransomware attacks across the world and, more importantly, about whether your company is prepared to weather such an attack. To help address those concerns, Leon Allen, Cybersecurity Director at C8 Secure (www.c8secure.com), lists 5 key steps that companies can take to reduce their risk of a ransomware attack:
- Take Inventory “We don’t know what we don’t know”
Whilst this may sound simple, you would be surprised how often organisations are infiltrated and exposed simply because they do not know what assets are in their enterprise. The gap ranges from unmanaged or unpatched devices (laptops, switches, servers and so on) through to business applications hosted in the cloud or in a data centre. An attacker only needs one forgotten, internet-facing host; you need to know about all of them.
To help with taking inventory, use asset discovery scanning and automated vulnerability scanning, and reconcile the results against your asset register: hosts the scan finds that the register does not list are the ones nobody is patching. Other good housekeeping measures include reviewing your change management procedures, running a report on administrator accounts (who holds privileged access, and whether each account is still needed), verifying firewall rules, and validating VPN accounts (removing stale ones and requiring multi-factor authentication).
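As an added illustration of that reconciliation (example code written for this page, not a tool from the article or from C8 Secure), the following Python script parses a discovery scan in nmap's greppable (-oG) output format, compares the live hosts against an asset register, and flags hosts nobody has recorded as well as open services that ransomware operators routinely abuse for initial access and lateral movement (RDP, SMB). All addresses, host names, owners and scan lines are constructed for the example.

```python
"""Reconcile a discovery scan against the asset register.

Added example written for this page; it is not code from the article or
from C8 Secure. Addresses, host names, owners and the scan lines below
are constructed, in nmap's greppable (-oG) output format.
"""
import re
from ipaddress import ip_address

# Services ransomware operators routinely use for initial access (RDP)
# and lateral movement (SMB); any open instance deserves a closer look.
RISKY_PORTS = {445: "SMB", 3389: "RDP", 23: "telnet", 5900: "VNC"}

# Constructed asset register: what the organisation believes it owns.
ASSET_REGISTER = {
    "10.0.1.10": {"name": "fs01", "owner": "IT Ops"},
    "10.0.1.11": {"name": "app01", "owner": "Dev"},
    "10.0.1.20": {"name": "legacy-db", "owner": "unknown"},
}

# Constructed nmap -oG output for a scan of 10.0.1.0/24 (hypothetical hosts).
SCAN_OUTPUT = """\
# Nmap 7.94 scan initiated Mon Jan  1 09:00:00 2024 as: nmap -sS -p- -oG scan.gnmap 10.0.1.0/24
Host: 10.0.1.10 (fs01.corp.example)\tPorts: 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///\tIgnored State: closed (65533)
Host: 10.0.1.11 (app01.corp.example)\tPorts: 443/open/tcp//https///\tIgnored State: closed (65534)
Host: 10.0.1.37 ()\tPorts: 445/open/tcp//microsoft-ds///, 3389/open/tcp//ms-wbt-server///\tIgnored State: closed (65533)
Host: 10.0.1.50 ()\tPorts: 22/open/tcp//ssh///\tIgnored State: filtered (65534)
# Nmap done at Mon Jan  1 09:02:10 2024 -- 256 IP addresses (4 hosts up) scanned in 130.21 seconds
"""

# One "Host:" line per scanned host: address, optional hostname, port list.
HOST_RE = re.compile(
    r"^Host: (\S+) \(([^)]*)\)\s+Ports: (.*?)(?:\s+Ignored State:.*)?$"
)


def parse_gnmap(text):
    """Return {ip: {"hostname": str, "open_ports": [int, ...]}} from -oG text."""
    hosts = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment and "Status: Up" lines carry no port data
        ip, hostname, ports = m.groups()
        open_ports = []
        for entry in ports.split(","):
            # entry layout: port/state/protocol/owner/service/rpc/version
            fields = entry.strip().split("/")
            if len(fields) >= 3 and fields[1] == "open":
                open_ports.append(int(fields[0]))
        hosts[ip] = {"hostname": hostname, "open_ports": open_ports}
    return hosts


def reconcile(register, discovered):
    """Compare scan results with the register and flag risky exposure."""
    known, seen = set(register), set(discovered)
    report = {
        # "we don't know what we don't know": live hosts nobody recorded
        "unregistered": sorted(seen - known, key=ip_address),
        # recorded but silent: stale entry, or a host that is offline
        "not_seen": sorted(known - seen, key=ip_address),
        # recorded but nobody owns it, so nobody is patching it
        "unowned": sorted(
            (ip for ip in known if register[ip]["owner"] == "unknown"),
            key=ip_address,
        ),
        "exposures": [],
    }
    for ip in sorted(seen, key=ip_address):
        label = register[ip]["name"] if ip in known else "unregistered"
        for port in discovered[ip]["open_ports"]:
            if port in RISKY_PORTS:
                report["exposures"].append((ip, RISKY_PORTS[port], label))
    return report


def build_report():
    """Run the reconciliation over the constructed register and scan."""
    return reconcile(ASSET_REGISTER, parse_gnmap(SCAN_OUTPUT))


if __name__ == "__main__":
    for section, items in build_report().items():
        print(f"{section}:")
        for item in items:
            print("   ", item)
```

Run it as-is to see the report for the constructed data; for real use, replace SCAN_OUTPUT with the contents of an actual -oG file and ASSET_REGISTER with an export from your CMDB or asset system. The entries to chase first are those under "unregistered" that also appear in "exposures": an unowned host with RDP or SMB open is exactly the foothold a ransomware operator is looking for, and "not_seen" entries are candidates for either decommissioning in the register or investigation of why a known asset has gone quiet.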
- Define Risk “An ounce of prevention is worth a pound of cure”
It’s important not to get caught saying “I really wish I had spent a few more security dollars”. Whilst it’s well understood that security budgets are typically only increased following an incident, the current level of threat should help us all justify greater security investment before one happens.
Where you spend resources should be commensurate with your risk; if you don’t know the risks, it’s very hard to justify the application of those resources. Risks such as loss of revenue, regulatory concerns, impact to operations, damage to your reputation, penalties and fines, contractual obligations, and data protection obligations need to be understood for your business, ideally with an estimate of likelihood and cost for each so that they can be ranked.
Take stock of your data and cyber footprints and focus on the risks and cost to business that are applicable to you.
- Educate “Forewarned is forearmed”
To make decisions on technical solutions that can help mitigate risk, we need to arm ourselves with an understanding of the cybersecurity solutions available, including how those solutions compare. This naturally leads into decisions around whether you run a solution in-house or outsource it to a Managed Security Service Provider (MSSP).
End users are a crucial part of the education effort: they remain the most direct path by which malware enters an organisation, and therefore the most direct way of stopping it. When combined with effective security event monitoring and ransomware controls, regular security awareness training (including simulated phishing, so that you can measure whether the training is working) can go a long way towards reducing the likelihood of a ransomware attack.
- Plan “Security is a journey not a destination”
There are far too many idioms that could be used here (and I’ll try to avoid the classic ‘Rome’ one). Essentially, we are not going to solve every problem at once. Use the risks identified in step 2, prioritise them, and tackle the list over time, highest risk first. It’s crucial at this stage to have security representation at board level so that you have the backing required to address those risks.
- Execute
The time has come to execute your plan and start mitigating those risks. It’s critical that as you execute you are also testing, measuring, and quantifying along the way. Continually ask yourself the following questions:
- Was this investment worth it?
- Can I do this more cost effectively by outsourcing?
- Were other gaps/risks exposed?
- Was the result intended?
To keep your risks low, and returning to the adage that “security is a journey, not a destination”, it’s time to rinse and repeat steps one through five.
And remember, if you’re ever feeling overwhelmed, there are a multitude of companies out there who can help you. They would like nothing more than to have a conversation with you on how best to reduce your risk.
About the Author: As C8 Secure’s Cybersecurity Director, Leon oversees the full spectrum of security services including advanced cyber defense, applied cybersecurity solutions, and managed security services. Leon also leads the security innovation program, which discovers and delivers new and innovative cybersecurity technologies. He is a highly experienced IT professional with 17 years’ experience in the industry and holds a BEng degree in Software Engineering and a first-class Information Security Master’s Degree from City University, London.