Ransomware remains an enormous threat for businesses of all sizes, and enterprises are particularly popular targets.
When an attack occurs, you need to ensure business continuity. Unfortunately, most organizations haven’t taken the necessary steps: New research from Cohesity indicates that 79% of IT professionals have concerns about their organization’s cyber resilience strategy.
In that survey, 56% of respondents said that their organizations had been attacked within the last year. But building a cohesive approach to disaster recovery isn’t cheap — and closing off common attack vectors may require a complete overhaul of existing systems.
Making the Case for Ransomware Preparation
To create an effective disaster recovery plan, it’s crucial to get key stakeholders on board. Statistics can help build the case, but it’s often better to ask questions:
- How would our business respond to an attack?
- How much downtime can we afford for key systems?
- What data is most important, and how often is it backed up?
- Are we testing our backups, and if so, how often?
- How long are backups retained, and what happens if backups are targeted by bad actors?
- Are employees aware of the best practices for mitigating risks?
These are general, high-level questions, but they’re an excellent starting point. While you may need expert assistance to identify vulnerabilities specific to your organization’s IT infrastructure, you can take the first steps towards a competent strategy by addressing the basics — and getting everyone on the same page.
An organizational commitment to cybersecurity is attainable, regardless of your organization’s resources, the age of your systems, or other factors.
1. Discuss Prevention Tactics
Most ransomware utilizes exploits in third-party software or is distributed via targeted phishing attacks. While larger enterprises may not be able to address every potential attack vector on day one, they can mitigate many risks through policy:
- Ensure that third-party applications are regularly updated, particularly applications that have administrative privileges (the recent MOVEit Transfer exploit is an excellent example).
- Have clear policies for employees. Train (and retrain) your staff to limit targeted phishing, focusing on best practices for handling emails, opening attachments, etc.
- Evaluate and restrict user privileges for key systems.
The best prevention tactics are not a replacement for a ransomware recovery plan — but they’re essential as a first step.
2. Focus on Data Resilience
Ensure that your backup retention policy is appropriate for your business objectives. Remember that ransomware often lies dormant before it is deployed, so your most recent backup may already contain the attacker's foothold; a single backup is usually not sufficient for disaster recovery.
Ideally, a data resilience strategy should have several characteristics:
- Backups are created regularly, automatically, and in line with business continuity objectives.
- “Golden copy” backups are retained to ensure continuity if the primary backups are compromised.
- Backups are tested regularly to ensure usability.
Once again, these are basic guidelines, but they’re applicable to organizations of every size. They’re also useful for laying out a game plan for key stakeholders.
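As an added illustration that is not part of the original article, the following Python check models the three characteristics above as an enforceable policy: a recovery point objective, an assumed attacker dwell time (why one recent copy is not enough), at least one immutable golden copy, and a maximum interval between restore tests. The policy figures and the two backup inventories are constructed assumptions, not data from any real environment.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional


@dataclass
class Backup:
    taken: datetime
    immutable: bool                      # write-once or offline "golden copy"
    restore_tested: Optional[datetime]   # last successful test restore, if any


@dataclass
class Policy:
    rpo: timedelta            # maximum allowed age of the newest backup
    dwell_time: timedelta     # assumed dormancy before encryption is triggered
    test_interval: timedelta  # how often a restore must be exercised


def check_resilience(backups: List[Backup], policy: Policy, now: datetime) -> List[str]:
    """Return a list of policy violations; an empty list means compliant."""
    if not backups:
        return ["no backups at all"]
    findings = []
    newest = max(b.taken for b in backups)
    if now - newest > policy.rpo:
        findings.append(f"newest backup is {now - newest} old, exceeding RPO {policy.rpo}")
    # A copy older than the dwell time predates the likely intrusion window, so it
    # is the one that can be restored without re-introducing the attacker's tooling.
    if not any(now - b.taken >= policy.dwell_time for b in backups):
        findings.append("no backup older than the assumed dwell time; every copy may be tainted")
    if not any(b.immutable for b in backups):
        findings.append("no immutable/offline golden copy; backups could be encrypted with production")
    tested = [b.restore_tested for b in backups if b.restore_tested]
    if not tested or now - max(tested) > policy.test_interval:
        findings.append("no successful restore test within the test interval")
    return findings


# Constructed reference time and policy (assumed values for the example).
NOW = datetime(2024, 1, 31)
POLICY = Policy(rpo=timedelta(days=1), dwell_time=timedelta(days=30),
                test_interval=timedelta(days=90))

# Constructed inventories: a single fresh copy versus a layered, tested set.
SINGLE_COPY = [Backup(NOW - timedelta(hours=6), immutable=False, restore_tested=None)]
LAYERED = [
    Backup(NOW - timedelta(hours=6), immutable=False, restore_tested=None),
    Backup(NOW - timedelta(days=7), immutable=False, restore_tested=NOW - timedelta(days=7)),
    Backup(NOW - timedelta(days=45), immutable=True, restore_tested=None),
]
```

Running `check_resilience(SINGLE_COPY, POLICY, NOW)` reports three gaps (no copy older than the dwell time, no golden copy, no restore test), while the layered set passes.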
3. Test for Vulnerabilities
Penetration (PEN) testing is essential, but ransomware-specific threat identification is also key. Remember, ransomware groups use a dizzying array of methods to propagate infections — and the list grows every day.
Here, it’s important to work with experts. Professional guidance can help you identify and remediate vulnerabilities, ensuring continuity if (and when) an attack occurs.
If your organization needs a more effective ransomware recovery strategy, get in touch. Datarecovery.com provides a full suite of ransomware recovery solutions, including PEN testing, disaster plan development, and data solution evaluation.
To learn more, call 1-800-237-4200 and speak with a ransomware specialist.