Freely subscribe to our NEWSLETTER

I speak to companies regularly that don’t believe they are in the crosshairs of ransomware threat actors, but they are. To better prepare for the inevitable attack, organisations should regularly review business risk, including the impact ransomware could have on their business. Even if a company reviewed business risks in October, do it again because something that wasn’t obvious then, might be now. And learn to prioritise. If ransomware is a greater risk than another threat, prioritise ransomware. This sounds easy but it requires fortitude to help senior management understand this approach.
 
In addition, eliminate single points of failure and have contingencies in place if their business becomes disrupted. There’s no silver bullet that will solve the cybersecurity challenges facing most organisations. Companies should also identify the critical services that are “single points of failure” for the business. If critical services go down, the business stops. Have a plan for “what to do if.” This doesn’t have to be perfect but think now about what to do if email goes away or a customer portal or CRM tool gets locked. And practice makes perfect (or at least better) so test your plans before it’s for real.

There’s no perfect solution, but managers will be more creative when there isn’t adrenaline pumping. Know that any thought given to it on what the company will do is an advantage. And keep in mind that Active Directory environments are the most vulnerable entry points and one of the most negatively impactful attacks; hackers frequently target these environments, making it imperative that organisations have real time visibility to changes to elevated network accounts and groups.