Now more than ever, we’re seeing multiple news reports of ransomware attacks and their devastating consequences for organizations. It’s important to know that hackers don’t care what industry you work in, the size of your company, or the clients you serve – no organization is immune to cyberattacks. Most ransomware attacks are targeted at organizations with 250 or fewer employees. According to the panelists who spoke during a recent Blackink webinar, around 60% of small businesses that fall victim to a cyber-attack end up shutting down permanently. Preparing action plans to prevent or recover from cyberattacks is an important factor in keeping your business alive.
Below are our key takeaways from our most recent discussion on what you can do to prepare, prevent, and protect your sensitive data when a ransomware attack occurs.
The Human Firewall
The most common source of a ransomware attack is an internal one. Your organization is most vulnerable to attacks by human error (i.e. your employees), which makes educating your staff on cyber security your best line of defense when creating an action plan.
Understand Your Data
As an organization, it's imperative to know what type of data you have, and how sensitive it is. Examples would be personal identification data or personal health information. By conducting a data assessment, you can learn what data you have, where it is located, who would want it, how they would access it, and what the impact of data compromise would be.
Create a Response Team
Make sure you have an incident recovery team (be it in-house or 3rd party insurance/legal counsel) that has access to your organization’s security and privacy policies and procedures (updated annually), so that they can assist in the recovery from the attack. This team should be driven by an incident response plan that has been prepared – and tested – ahead of time.
Cybersecurity Risk Assessment
A good offense is the best defense. To assess your organization’s current risk, you should focus on analyzing your backup operations, completing internal/external vulnerability scans, evaluating existing security awareness training, reviewing your incident response plan, and evaluating your corporate culture associated with cyber-event reporting/observation.
Cybersecurity Insurance
In recent years, cyber insurance has become increasingly essential to organizations of all types. Partnering with a firm to create policies that are specific to your organization, and that will assist if you are attacked, will give you the greatest chance of recouping your losses and making a full recovery.
Vet Your Vendors
When working with your vendors, be sure that you have strong contracts in place to ensure that your data is secure, and ask the right questions. If your vendors have any of your organization's data, your employees' data, or your customers' data, you have the right to know if that vendor has the appropriate security certifications and cybersecurity insurance. Have they had any breaches in the past two years? Do their employees receive periodic cyber awareness training? Do they have a crisis management plan? Will they sign an NDA? All of these questions are essential in protecting your business, as well as your customers.
Interested in learning more about the post-cyber-attack recovery process and how to prepare your company? Contact the security experts at Blackink IT – we're excited to learn about your organization!