Have a plan for dealing with Ransomware

Blog / Have a plan for dealing with Ransomware

It’s unfortunate to say but ransomware has become so pervasive that it’s become a fact of life in the world of computer security. It’s not a question of if you’re going to have a ransomware infection, it’s when. Now this doesn’t mean adopting a defeatist attitude, but it does mean recognizing the reality of the risk and how to prepare. This makes ransomware no different than having a fire (which most companies have very specific plans for).

You should be taking similar precautions with your ransomware plan. Let’s start by looking at how most businesses handle the threat of fire:

Insurance

Fire insurance is so much of a standard in business insurance that most of the time you don’t even need to ask for it, and the only time coverage costs extra is if there’s a significant added risk (like covering a location with lots of explosives or flammable gas).

Avoid easily combustible materials when possible

Building are constructed to meet minimum fire safety codes, particularly when it comes to wiring or highly combustible materials. Office furniture is often made from flame retardant materials. Highly combustible materials often require special handling and storage, and easy access to fire extinguishers is also a standard.

Have an evacuation plan

When all else fails, you need to know how to get everyone out safely and quickly.

Other than the physical danger to personnel, why not take a similar approach to ransomware? The impact of a successful ransomware attack can be just a deadly to your business, taking you out of action for days or even weeks at a time. If you’re not prepared a ransomware assault may even take you down permanently, so even the scale of the event is similar to fire. And yet few people treat the threat of ransomware as serious as they should.

So what does treating ransomware seriously look like? It means taking similar precautions.

Cyber Insurance

Make sure that your business insurance covers ransomware in some capacity and you understand the coverage limitations. Some insurance companies will take the decision to pay a ransom out of your hands and decide that for themselves. Others have policies that won’t allow for coverage if a payment is made. Covering the risk of ransomware through insurance is new and insurance companies are still trying to figure out their coverage models, so not every plan is going to be the same. Make sure you understand what your cyber insurance does and does not cover when it comes to ransomware.

Avoid weak software whenever possible

Do research into the software you allow to be installed in your business environment, and don’t base your decision just on ease of use. You need to setup proper defenses by using hardened configurations, use detection software, and keep up date on available security patches for all of your software (not just what you use). Also make sure everything uses a secure configuration and not just whatever is default.

Have a Disaster Recovery plan for dealing with ransomware

Fire and disaster plans almost never end with evacuation but also include contacting emergency services as well as key internal personnel to deal with vital tasks. Ransomware is no different. You should have a plan that includes contacting any appropriate external services, assigns duties and responsibilities to personnel, and clearly outlines the specific steps needed to get up and running again as quickly as possible.

Ransomware, like a fire, is a big deal. It’s stressful, it’s messy, and it causes a lot of problems. Making things up as you go is a great way to create unnecessary work, which increases the overall stress in an already stressful situation. It’s is a perfect recipe for needless mistakes and wasted time and money.

So sit down ahead of time and come up with a plan, defend yourself as best you can, and cover yourself against worst-case scenarios. After all, as Shakespeare reminds us in Julius Caesar Act 1, Scene 2: “Men, at some time, are masters of their fate”.

If you have any questions about creating a ransomware plan, please reach out to your TRINUS Account Manager for some stress-free IT.

 

By Kind, Courtesy of Your Friendly Neighbourhood Cyber-Man.

/Partners /Systems /Certifications

TRINUS is proud to partner with industry leaders for both hardware and software who reflect our values of reliability, professionalism and client-focused service.