Build a Stronger Backup Strategy
The configuration of backups is critical. Attackers are likely to delete backups prior to deploying ransomware to increase the odds that you will pay. Oftentimes, backup strategies are designed to protect against hardware failure, not against hacker infiltration.
Purchase a backup solution that uses a separate non-domain account with multifactor authentication. Retain multiple copies of data and keep one off-site. Closely monitor your backup solution for suspicious activity and data exfiltration.
Use Multifactor Authentication
Improve your security posture by requiring multifactor authentication on all public-facing employee service protocols. Also, restrict internet-facing protocols, such as RDP and Server Message Block (SMB), to help prevent unauthorized access to your environment.
Implement a Stronger Endpoint Solution
Use advanced endpoint protection across your network. These solutions should use machine learning to spot potential threats in addition to conducting antimalware and antivirus activities in real time. The solution should be capable of detecting and preventing unknown threats and detecting unmanaged assets within the corporate environment.
Test Your Response Plans
Whether it’s your incident response plan or your plan for restoring from backup, test, test and test some more. It is critical that your plan is well established, as you do not want the first test to be on a Sunday morning when you get hit by ransomware.
Invest in Education
There is still a lack of awareness about the magnitude of potential cybersecurity threats within organizations. Educate staff at every level of the organization.
Ask for Help When Needed
Companies may become aware of a threat or suspicious activity within their environment but lack the expertise or visibility to address the challenge. Getting educated about the latest threats and knowing when it is necessary to ask for help will enable detection and remediation before the threat can deploy and steal or encrypt data from the environment.
*List provided from TMHCC’s 2020 Cyber Risk Guide.