Cybersecurity Alarm

Two Questions EVERY Business Should Ask Themselves About Ransomware

Hackers, Malware, and Ransomware—Oh My!

To all those business owners and executives who don’t think their companies are at risk from cybercriminals—turn on your TV, radio, or favorite internet news site. Unfortunately, breaches are happening every day, with small and medium-sized businesses as prime targets.

Suppose you’re a hacker, whether alone or part of a cybercrime syndicate, it makes sense. Why spend all that time trying to bypass multi-million dollar cyber-defenses employed by mega-companies when you can easily waltz into the networks of many smaller, less defended businesses.

Well, folks—if it makes sense to you—it certainly makes sense to criminals! So, as a business owner or company executive, ask yourself two questions:

#1: What would you do if a ransomware attack impacted your business for more than two weeks?

Let’s face it; most businesses have a backup. Some employ a cloud-based data-only backup; others have an onsite data-only backup or a combination of cloud and onsite backups. Those in the know use a Hybrid Cloud-Business Continuity solution.

Note: data-only backup systems will save your data—but recovery from a ransomware attack will be slow and painful.

But what about your cloud-based services: Electronic Health Records (EHR), Point of Service (POS), Accounting, Payroll, and Customer Relationship Management (CRM) systems? They are critical systems, without which most businesses will struggle to provide services, collect payments, and pay their employees.

Additionally, other systems (cloud-based or not) can be impacted, such as phones, premises security, digital X-ray machines, credit card processing, etc. Unfortunately, you have no control over when they are restored after a ransomware attack. That is up to the individual vendors that support these systems.

The heart of this first question is business interruption. Have you ever put a number on what it would cost your company per hour and per day if it were not allowed to conduct business? Many business owners are surprised to find out that the actual cost of downtime encompasses much more than just the amount of repairs, data recovery, etc.

#2: What would you do if hackers had access to customer, patient, and/or employee data?

The security playing field has changed. In the past, hackers were satisfied with encrypting your data and receiving a small ransom payment to release it.

However, with the rise of large, underground criminal organizations, hackers increase their payday by stealing your data first, then encrypting it, and afterward demanding large ransoms, sometimes in the millions.

As if that wasn’t enough, cyber-gangs sell your data on the dark web even after you pay the ransom—not to mention the extortion of your clients!

Data theft may impact a business even more than the attack itself (i.e., regulatory penalties, reputation damage, etc.) and trigger additional time and costs:

  • Data forensics is needed to determine who has been impacted.
  • Legal counsel to help with regulatory reporting requirements.
  • Call centers to address incoming calls and emails from impacted individuals.
  • Credit monitoring / Identity Protection for impacted individuals.

Cybersecurity Is A Must For ALL Businesses

First, let me get this out of the way. We’ve said it many times that “there is no one system or process on the market today that can 100% guarantee total security.” So if any company gives you a 100% guarantee on security—run away as quickly as you can— because they’re lying.

But, there are things you can do to help your company become more secure:

  • If you don’t have an internal IT department, get yourself a security-minded Managed IT Services Provider (MSP). They’ll monitor, maintain, and secure your network—removing you from the “low-hanging fruit list.”
  • Use a layered defense plan:
    • Strategy
      • Security Risk Assessments (SRA)
      • Organizational Policies
      • Incident Response Plans
    • Detection & Response
      • Vulnerability Scanning
      • Endpoint Detection & Response (EDR)
      • Firewall & EDR Synchronization
      • Security Operations Center (SOC)
      • Log Collection (SIEM)
      • Vulnerability Scanning
      • Expert Security Team Monitoring
      • On-Call Incidence Response Team
    • Security Best Practices
      • Email SPF, DKIM, DMARC Monitoring
      • Advanced SPAM & Email Phishing Protection
      • Device Encryption Management
      • Multi-Factor Authentication Management (MFA)
      • Network Access Control
      • Web Filtering
      • Data Loss Prevention
    • User Security & Awareness Training
      • Phishing Email Test Campaigns
      • Phishing Awareness Training
      • Security Awareness Training
      • Dark Web Monitoring
    • Compliance Assistance
      • Regulatory Compliance (PCI DSS, HIPAA, NYShield, CCPA)
      • Insurance (Cybersecurity & Ransomware Supplementals)
  • Get a good, comprehensive cybersecurity insurance policy. You may find it difficult to get or renew a good policy without a strong cybersecurity program already in place.
  • Overall, follow a standard cybersecurity protocol such as NIST.

Finally—don’t go it alone! Cybersecurity is detailed and complex, especially if you’re not an IT professional. Protecting your network is more complicated than slapping anti-virus programs in place.

Whatever you do—don’t evaluate cybersecurity programs on cost alone. Quality programs from trusted IT professionals will save you much heartache and stress. Be safe.

XSolutions is an IT Services Provider serving New York (NY), New Jersey (NJ), and Connecticut (CT). We provide Managed IT Services | Managed IT Security | Backup & Disaster Recovery| Cloud Data Protection. Call (845) 362-9675 for a free consultation.