In today’s complex technological climate, the number of ransomware attacks is increasing more than ever before. Ransomware is defined as, “malware designed to encrypt files on a device, rendering files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption” (Cybersecurity & Infrastructure Security Agency). If a business falls victim to a ransomware attack, it can expect financial loss, loss of critical data and information, and erosion of customer trust, which is why many are scrambling to solidify their security posture or adopt a heightened security posture to protect their most critical assets.
Unfortunately, no matter how well a business prepares for a cybersecurity incident, all are at risk of falling victim to a ransomware attack. In order to reduce the likelihood of a damaging attack, the Cybersecurity & Infrastructure Security Agency (CISA) created a Shields Up Guidance for All Organizations to follow – regardless of size.
Here are a few recommendations provided by CISA:
- Validate that all remote access to the organization’s network and privileged or administrative access requires multi-factor authentication.
- Confirm that the organization’s IT personnel have disabled all ports and protocols that are not essential for business purposes.
- Ensure that cybersecurity/IT personnel are focused on identifying and quickly assessing any unexpected or unusual network behavior. Enable logging in order to better investigate issues or events.
- Designate a crisis-response team with main points of contact for a suspected cybersecurity incident and roles/responsibilities within the organization, including technology, communications, legal, and business continuity.
- Test backup procedures to ensure that critical data can be rapidly restored if the organization is impacted by ransomware or a destructive cyberattack; ensure that backups are isolated from network connections.
All organizations can improve their security posture, resilience, and cybersecurity by following CISA’s recommendations.
With recent cyber events, CISA also recommends reviewing their Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure alert.
If you have questions or concerns about the state of security of your business, reach out to our team today. You can also check out our Security Operations Center Overview. Our SOC provides you with a dedicated security team that monitors and analyzes your security posture constantly, ensuring a proactive approach to security threats and intrusions. We’re here to help you 24/7/365.
