To prevent a ransomware attack, experts from Tech Pro Research say IT and information security leaders should do the following:
- Keep clear inventories of all your digital assets and their locations so cybercriminals do not attack a system you are unaware of.
- Keep all software up to date, including operating systems and applications.
- Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
- Back up all information to a secure offsite location.
- Segment your network: Don’t place all data on one file share accessed by everyone in the company.
- Train staff on cybersecurity practices, emphasizing that they should not open attachments or links from unknown sources.
- Develop a communication strategy to inform employees if a virus reaches the company network.
- Before an attack happens, work with your board to determine whether your company will plan to pay a ransom or launch an investigation.
- Perform a threat analysis in communication with vendors to go over cybersecurity throughout the lifecycle of a particular device or application.
- Instruct information security teams to perform penetration testing to find any vulnerabilities.