Cyber Insurance Blog

Ransomware Protection: How to Keep Your Data Safe

Ransomware is one of the fastest-growing cybersecurity threats. Globally, more than 68% of organizations were victimized by such attacks in 2021.

In ransomware attacks, hackers seize computer systems and encrypt files until the owner pays up. In 2021, victims paid, on average, a ransom of $170,404, according to cybersecurity firm Sophos. The most common ransom amount was $10,000. The highest was $3.2 million. Especially if your business clients have shifted more operations online in the wake of the COVID-19 pandemic, they likely need to take strong ransomware protection measures.

Without such protection in place, they risk interrupted services, lost sales and lower profits, and damage to their reputation and revenue from which they might never recover.

Best Practices for Ransomware Risk Management

Even when an organization pays hackers (which is sometimes illegal), the ransom itself represents only a fraction of the cost to affected organizations. Additional damages—lost revenue, tarnished reputation, system repairs—can push the final price tag far higher. What’s more, organizations that pay often don’t retrieve all of the lost data.

Many businesses resign themselves to thinking they will eventually experience a cyber attack. However, by implementing best practices and following some simple steps, businesses can vastly reduce their risk of experiencing a ransomware attack, and can mitigate the damage should one occur.

Here are five important steps businesses can take (beyond multi-factor authentication) to defend themselves against ransomware attacks:

1. Provide Security Training for Employees

Although the internet plays a huge role in most of our lives, employees often still don’t know enough about the best practices for avoiding a cyber attack. Especially in this era of increased remote work, implementing employee education can go a long way toward avoiding common mistakes that leave organizations open to attacks.

Such training can help employees identify potentially fraudulent emails and recognize other social engineering attacks (that is, the use of deception to manipulate individuals into divulging confidential or personal information). Some cyber insurance plans include this training, and some carriers offer rate discounts to clients who educate their employees about cybersecurity.

2. Use Strong Password Management

One of the most common and easily avoided cyber vulnerabilities is password reuse. If an employee uses the same password for company accounts as they do on third-party sites, any data breach affecting them could also affect their employer. If you multiply that by the number of employees in an organization, the exposure risk can be severe. The solution is a strong, unique password management system.

Password management software is rapidly growing in popularity, with most sectors widely adopting the technology, according to a 2018 report by Grand View Research. The software generates strong, unique passwords for each account and stores them in an encrypted vault. While it certainly can’t be the only line of defense, it is an important step in defending against potential ransomware attacks.

3. Implement Email and Endpoint Protection

While training employees to recognize dangerous emails is important, automated systems also add a vital layer of protection.

A secure email gateway (SEG) is a device or software that monitors all incoming and outgoing email traffic, intercepting messages with suspicious content or attachments. SEGs can also encrypt outgoing mail, protecting sensitive information as it leaves the system.

4. Maintain an Immutable, Offsite Backup

Businesses dealing with a lot of highly sensitive data must keep secure copies of that data. They must also take precautions to ensure they can still retrieve vital information in the event a primary server becomes encrypted in a cyber attack.

One best practice is “the 3-2-1 rule.” This name refers to maintaining three separate copies of your data, on two different types of media, and storing one of them off-site as an immutable version. This practice provides a backup if data is ever compromised, as well as redundancy in case one backup fails.
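The 3-2-1 rule is easy to state but easy to drift away from as backup jobs are added and retired. The following checker, added here as an illustration and not part of the original post, evaluates a backup inventory against the rule: at least three copies of each dataset (counting the primary), on at least two different media types, with at least one copy off-site and immutable. The inventory records and the field names (dataset, location, media, offsite, immutable) are constructed assumptions for the example.

```python
"""Check a backup inventory against the 3-2-1 rule (added example)."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class BackupCopy:
    dataset: str      # which data set this copy belongs to
    location: str     # descriptive label only
    media: str        # media type: "disk", "tape", "object-storage", ...
    offsite: bool     # held at a different site from the primary
    immutable: bool   # write-once / object-lock / WORM: cannot be altered or deleted


# Constructed sample inventory; the primary copy is counted as copy number one.
SAMPLE_INVENTORY = [
    # finance-db: 3 copies, 2 media types, off-site immutable copy -> compliant
    BackupCopy("finance-db", "primary server", "disk", offsite=False, immutable=False),
    BackupCopy("finance-db", "tape library", "tape", offsite=False, immutable=False),
    BackupCopy("finance-db", "cloud bucket (object lock)", "object-storage", offsite=True, immutable=True),
    # hr-files: 3 copies but all on disk, and the off-site copy can be overwritten
    BackupCopy("hr-files", "primary server", "disk", offsite=False, immutable=False),
    BackupCopy("hr-files", "office NAS", "disk", offsite=False, immutable=False),
    BackupCopy("hr-files", "branch office NAS", "disk", offsite=True, immutable=False),
    # crm: off-site immutable copy exists, but only two copies in total
    BackupCopy("crm", "primary server", "disk", offsite=False, immutable=False),
    BackupCopy("crm", "cloud bucket (object lock)", "object-storage", offsite=True, immutable=True),
]


def evaluate_321(copies):
    """Return {dataset: [problem, ...]}; an empty list means the dataset is compliant."""
    by_dataset = defaultdict(list)
    for copy in copies:
        by_dataset[copy.dataset].append(copy)

    report = {}
    for dataset, group in sorted(by_dataset.items()):
        problems = []
        # "3": at least three copies, primary included
        if len(group) < 3:
            problems.append(f"only {len(group)} copies (need 3)")
        # "2": at least two distinct media types
        media_types = {c.media for c in group}
        if len(media_types) < 2:
            problems.append(f"only {len(media_types)} media type(s) (need 2)")
        # "1": at least one off-site copy, and it must be immutable so that
        # ransomware with access to the backup target cannot encrypt or delete it
        if not any(c.offsite and c.immutable for c in group):
            if any(c.offsite for c in group):
                problems.append("off-site copy exists but is not immutable")
            else:
                problems.append("no off-site copy")
        report[dataset] = problems
    return report


def compliant_datasets(copies):
    """Names of datasets with no 3-2-1 problems, sorted."""
    return sorted(ds for ds, problems in evaluate_321(copies).items() if not problems)


if __name__ == "__main__":
    for dataset, problems in evaluate_321(SAMPLE_INVENTORY).items():
        status = "OK" if not problems else "; ".join(problems)
        print(f"{dataset}: {status}")
```

Running the script reports finance-db as compliant, flags hr-files for relying on a single media type and for an off-site copy that is not immutable, and flags crm for having only two copies. Feeding it a real inventory export is a quick way to confirm that the off-site copy is actually protected from deletion, which is the property that matters most once a primary server has been encrypted.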

5. Utilize a Zero-Trust Security Protocol

Past security models have operated on the assumption that everything in a network can be trusted. However, when a malicious ransomware program begins encrypting data, this trust can spell disaster for the network.

Zero-trust protocols segment the system, ensuring sensitive information isn’t accessible from compromised machines. This ransomware protection means even stolen credentials can’t be used to infiltrate a system with an attack.

Your Next Step in Helping Your Clients Protect Their Business

Want even more tips on ransomware risk management? Download our free ebook, Ransomware: The Front Lines, for in-depth knowledge on the danger of ransomware attacks, and what your clients can do to protect themselves.

And to get answers to more questions about cybersecurity, risk management, and cyber liability insurance, contact us today.
