Expert IDs how marketers can protect from ransomware

Kristina: Why is ransomware such a big problem for global businesses?

Fielder Hiss, VP of Product, Continuum: Ransomware has two major differences to traditional attacks–one, it impacts a business’s productivity and IP. Most attacks steal information, so brand reputation, customer experience can be impacted but are harder to quantify, there could be some fines but only in regulated industries. Ransomware is different – it can have crippling impacts that are very tangible. Secondly, ransomware lends itself to untargeted attacks, so it can have a goal of small amounts from lots of people. This untargeted approach paints a huge target on the backs of small to medium sized businesses, as they don’t have the sophistication required to protect themselves but are just valuable to the perpetrator.

Organizations lack the resources and know how to mitigate known vulnerabilities in their environments to prevent these attacks. In the end, users are often the problem as they fall victim to Phishing attacks that allow malware to exploit the known vulnerabilities and infect their environments.

Kristina: How can businesses protect themselves from ransomware attacks?

Fielder: Businesses need to have a security program in place to create a foundation for protection. Any program consists of measures that focus on people, process and of course, technology as a foundation. Companies need to protect their perimeter with a firewall and DNS filtering, have endpoint protection in place, stay up to date and patched, as well as regularly scan for known vulnerabilities. Organizations must educate their teams on best practices to avoid malware, including simulations to measure which employees are paying attention. A process needs to be in place to regularly make sure that environments are up to date and remediation of vulnerabilities is happening in a timely manner. Organizations must also have remediation processes in place when a breach occurs.

Kristina: You believe business continuity plans are key – what are your top 3 tips for creating a BCP that can help brands withstand these attacks?

Fielder: The key is to have both a cybersecurity program, as well as a backup and disaster recovery plan. BDR programs allow a company to roll back to a last known “good” state before an equipment failure, disaster or cybersecurity attack.

The difference in a ransomware attack is you need to identify when was that last known “good” state. By having an effective cybersecurity program, you can identify when infection occurred and from there, use BDR as that last line of defense to return to just before the infection.