The average cost of a data breach has increased from $5.4 million in 2013 to $6.5 million at present. Even more troubling? The fact that 60 percent of organizations fail within six months of getting hacked.
Cyberattacks have become big business for hackers, so the stakes for your business have never been higher. In March, the city of Atlanta suffered a massive ransomware attack that is estimated to cost over $11 million to fix. In the case of Atlanta, the warning signs were there, but they were ignored. By the time the damage was done, the city had to take a reactive approach in an attempt to recover its losses. This is an unfortunate reality for many organizations and institutions, no matter the size.
Establishing and following preventive strategies to keep systems safe should be a no-brainer for all organizations, but sometimes these efforts fall by the wayside. From a ransomware prevention perspective, there are many steps that can be taken immediately to prevent attacks before they take hold.
To be well equipped to protect your organization from a ransomware attack, the following items are critical:
- Systems should be continuously monitored and patched: A major fault of many organizations is failing to ensure all systems are up to date and monitored. With up-to-date monitoring systems and vulnerability scans in place, organizations can be aware of when potential threats arise. Being ahead of the threat is the only way to prevent an attack.
- Employee training program: Employees should be made aware of scam emails and which attachments they should avoid opening. Once an attachment from a phishing email is opened, the scammer can easily access and infiltrate the system. Making training available to employees can keep money and valuable data in the employer’s pocket later.
- Have a sound backup in place: It is vital to perform regular backups of systems so data can be restored to a point in time prior to the ransomware entering the environment.
In today’s all-access environment, there are now many tools available to detect the heuristic characteristics of ransomware. These tools are used by many organizations so they can continuously scan and check for potential threats.
Once the groundwork is laid, highly qualified experts should be on the lookout to detect any error a tool may miss. We conduct tests for our clients, usually on at least an annual basis, and run thorough testing to bolster cyber defenses.
In the event that a ransomware attack makes its way into your system, the most important step is stopping its spread. The sooner an organization can stop a ransomware attack, the better off it will be. The following are the immediate steps that should be taken in the event of an attack.
- Shut down the system as quickly as possible so it does not spread: Taking systems offline can allow the organization to determine what has been affected.
- Restore systems that have been affected: Restore the data and systems that have been impacted by the hack from backups.
- Rebuild: If needed, rebuild systems that did not have adequate backup, but only when restoration is not possible, to save time, energy and money.
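The restore-or-rebuild decision in the steps above, and the earlier point about restoring to a time before the ransomware entered the environment, can be worked through against a backup catalog. The following is an added example, not part of the original article: the catalog entries, system names, the `plan_recovery` function and the 24-hour safety margin are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample catalog: (system, backup finished at, integrity check passed)
CATALOG = [
    ("fileserver", "2024-05-18T02:00", True),
    ("fileserver", "2024-05-20T02:00", True),
    ("fileserver", "2024-05-22T02:00", True),   # taken after the intrusion
    ("mailserver", "2024-05-19T02:00", False),  # failed verification
    ("mailserver", "2024-05-21T23:00", True),
]

def plan_recovery(catalog, first_compromise, affected, margin=timedelta(hours=24)):
    """Pick a restore point per affected system, or fall back to rebuild.

    A backup qualifies only if it passed verification and finished before
    first_compromise minus margin. The margin is an assumption: the earliest
    known sign of compromise is usually later than the actual entry.
    Returns {system: (action, restore_point, hours_of_data_lost)}.
    """
    cutoff = first_compromise - margin
    plan = {}
    for system in affected:
        candidates = [
            datetime.fromisoformat(ts)
            for name, ts, verified in catalog
            if name == system and verified and datetime.fromisoformat(ts) < cutoff
        ]
        if candidates:
            point = max(candidates)  # newest clean backup loses the least data
            lost = (first_compromise - point).total_seconds() / 3600
            plan[system] = ("restore", point, lost)
        else:
            # No verified backup predates the intrusion: rebuild is the only option
            plan[system] = ("rebuild", None, None)
    return plan

if __name__ == "__main__":
    incident = datetime(2024, 5, 22, 1, 0)  # constructed earliest sign of compromise
    result = plan_recovery(CATALOG, incident, ["fileserver", "mailserver", "kiosk"])
    for system, (action, point, lost) in result.items():
        print(system, action, point, lost)
```

With the sample data, the file server is restored from a two-day-old backup, while the mail server and the kiosk (which has no catalog entry) fall into the rebuild path because no verified backup sits safely before the intrusion.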
If an organization is not equipped with up-to-date backups, it could be in for a rude awakening. Without backups, organizations could be held to ransom, and in the worst cases be forced to pay the criminals or suffer from having to rebuild a completely new environment and lose data that will be difficult, if not impossible, to restore.
To avoid finding oneself in a helpless situation, executives must place high importance on cybersecurity. Although having systems in place may appear costly at the onset, the costs often pale in comparison to the price of reconfiguring a whole online environment, as was the case in Atlanta.
As busy organizations, we get caught up in the day-to-day and forget about potential setbacks. It’s all too easy to believe a ransomware attack won’t happen to you. This belief is idealistic, but unfortunately it is often untrue. Ransomware attacks happen every day to organizations large, medium and small. To get ahead of the potential hack and prevent stress and loss of finances, be proactive and protect your organization today.
Jessica Dore leads Rehmann’s Technology Risk Management Group.