Cybersecurity is top-of-mind for most company leaders, especially since the pandemic left gaps in former data protection strategies. According to a recent survey from Enterprise Strategy Group, roughly 69% of organizations are making cybersecurity a priority in 2022, increasing budgets by up to 50%. Businesses want better security, and we have five ransomware defense tips to help protect your business. Let’s go!
The Changing Cybersecurity Landscape
It’s not breaking news that the pandemic left many businesses vulnerable to cyber attacks. We watched the heists unfold, from phishing to malicious software to ransomware attacks. Business Wire says cyber threats have increased by 81% since the COVID-19 pandemic.
Some experts blamed the attacks on the uptick in remote work, while others chalked it up to what we already know — our cyber protection isn’t up to par. Although saying, “I told you so,” helps no one, it does bring up a valid point. Companies of all sizes need better defenses.
Cybersecurity is a hot topic, and that trend isn’t changing soon. Here’s the thing; remote work isn’t going anywhere. Hackers and cybercriminal gangs aren’t going anywhere, either. In reality, they’re becoming more sophisticated, executing multi-tiered attacks. Moreover, our society will likely only depend on the digital world more with each passing day.
Understanding Ransomware’s Impact
Ransomware is a vicious malware that threatens to perpetually block systems or publish protected data unless a ransom is paid. Businesses spend more than $75 billion each year dealing with ransomware costs. Unfortunately, the average ransom demand has recently jumped by 20% to $1.8 million. Coalition reveals the claims’ severity in the graphic below.
From our view in the commercial insurance world, many of us saw claims reflecting a 20% increase in ransom demands during the last half of 2021. The following stat will send chills down your spine if that doesn’t. Over 40% of insurers had clients experience a minimum of six ransomware attacks.
The worst part? More than 50% of information security professionals don’t think their company is ready to ward off a ransomware attack. Even the US government has a dedicated site called, Stop Ransomware — that’s how critical ransomware defense is.
Pro Tip ↓
Are you up for the challenge of taking our Cybersecurity Quiz?
Test how savvy you are regarding your cybersecurity stats — it’s fun, and you’ll likely learn something new. Here’s a sneak peek of one of the cybersecurity stats, “Every 11 seconds, a new business falls victim to ransomware.”
How to Protect Your Business
If you’re like most people, fearing a ransomware attack feels a lot like how the iconic two-note Jaws theme sounds. (Click here, and jump to 00:28 for a scary reminder.) It’s terrifying to think some random hacker might have the keys to your protected data in hand.
Here are tips to take back the keys, bolster your ransomware defense, and protect your business.
1. Backup Critical Data
Although backing up your important information might seem like a no-brainer and obvious way to recover from a ransomware attack, sometimes it’s challenging to stay on top of a backup schedule. There are days when it’s easier to skip the backup and just go home to relax.
However, businesses must backup files appropriately. Store them offline or out-of-band, which gets them out of a cybercriminal’s reach. Consider using a managed service provider (MSP) to help you accomplish these tasks. And remember, cloud services let you revert to an unencrypted version of your data, further mitigating a ransomware attack.
2. Support a Healthy Cybersecurity Culture
We could have also titled this heading “Train Your Team,” but bolstering ransomware defense is more than mere training. Sure, password changes should be enforced, and two-step authentication should be the norm. And while cybersecurity culture trickles down from management, it’s honestly a team effort.
Directors and officers are undoubtedly taking a harder hit for data protection measures, as we reported in another post: Cyber Liability Insurance Trends 2022. Still, teach and reward your workforce for identifying and reporting potential attacks. Allow your workforce to play a vital role in your ransomware defense.
3. Update Your Systems
Science tells us that a mouse can fit through a hole the size of a pencil. Hackers will squeeze through a tiny vulnerability in the digital world, too. Much like backups, though, updates can be tedious and frustrating to execute. This task is where an MSP comes in handy.
Nevertheless, companies should update their operating systems, software, and applications regularly. Outdated systems are nothing more than an open door to cybercriminals. If you don’t want to lay out the welcome mat, reinforce the latest security patches by auto-updating or handing the task over to a trusted MSP.
4. Ensure Secure Configuration Settings
Port settings often attract ransomware attackers, so consider whether your business needs these ports open. Perhaps your cloud service provider or MSP can close any unused ports, paying special attention to the following two settings:
- Remote Desktop Protocol (RDP) port 3389
- Server Message Block (SMB) port 445
Also, it might be time to harden your endpoints to ensure that your devices are secure. As mentioned, regular updates will help keep your endpoints safe from malicious actors.
5. Have a Recovery Plan
Nearly 25% of the C-suite is willing to pay at least $20,000 and up to $50,000 to regain access to their encrypted data. Plus, around 40% of ransomware victims end up paying the ransom, and only 30% of those companies ever see all those dollars again. That’s a lot of financial damage — but a ransomware attack doesn’t have to bleed companies to death.
Cyber liability insurance protects companies from third-party lawsuits relating to electronic activities (i.e., data breaches, phishing scams, etc.). It also provides many recovery benefits, supporting data restoration and reimbursement for income lost and payroll spent.
Bolstering your ransomware defense means having a recovery plan. While it doesn’t defend against the attack, per se, cybercriminals don’t get the best of you in the end.
Understanding the details of what coverage your company needs can be a confusing process. Founder Shield specializes in knowing the risks your industry faces to make sure you have adequate protection. Feel free to reach out to us, and we’ll walk you through the process of finding the right policy for you.