TECH INTELLIGENCE: You are not paranoid

When one company spots a good market, others will soon follow to get their share of the business — it is human nature. Unfortunately, the same holds true for cyber criminals who increasingly jump into the fray with ransomware attacks. The incidence of ransomware – an extortion scheme where hackers infect and take control of a system, then threaten to either permanently block access to it or publish the victim’s data unless a ransom is paid – has been steadily increasing, with thousands of attacks reported each week, according to published reports. So yes, business owners are not paranoid because hackers are indeed after them.

But even as the incidence of attacks jumps – with global extortion costs estimated at more than $20 billion a year and rising – many organizations, particularly small and medium-sized businesses, have not stepped up their defenses. However, by taking some commonsense steps and partnering with a qualified outsourced IT support group, businesses can reduce the chance of becoming the next victim.

The first principle in an effective defense is to remember that building a “digital moat” is not a one-off action. Instead, the effort should be corporate-wide, ongoing and managed 24/7 with a layered approach. An effort that is limited to protecting endpoints with anti-virus software, for example, is not enough.

An effective plan will include features such as multifactor authentication, where users must provide additional identity verification – like entering a code received via phone – before they are granted access to an account or an app. Other components will include a comprehensive file backup solution with cloud-based or other offsite storage, a well-developed and updated incident response plan, strong password policies, a blueprint to secure the organization’s domain name system (which identifies computers reachable through the internet or other Internet Protocol networks), good user-cyber hygiene and security awareness, and ongoing Security Incident Event Monitoring.

To reduce the attack surface or area of vulnerability to ransomware and other threats, an organization and its cybersecurity solutions partner should be proactively identifying and addressing as many security-related issues as possible. As a start, all devices should undergo a comprehensive cyber risk assessment and then be loaded with reputable, proven endpoint security protection. A policy ensuring hard-to-crack password usage, storage and updates should also be developed, implemented, updated, enforced and periodically tested. In addition to periodically backing up data and maintaining 24/7 monitoring, software patch downloads should be done on a timely basis to ensure that vendor-provided protection and enhancements are up to date.

To address ransomware and other threats comprehensively, a cybersecurity program must consider the human component: engaging employees with actionable training content that includes simulated attacks and assignments designed to change and enhance user behavior, while tracking results and progress with easy-to-digest reporting. A well-designed cyber awareness and training program will be continuously updated, addressing a variety of learning styles with interactive and game-based formats. It will also be designed to minimize work disruption, with five- to 15-minute lessons that enable users to log on for training anytime, anywhere, on any connected device.

Security awareness training can reduce risky employee IT behaviors that can lead to security compromises. By delivering relevant information and knowledge verification on information security, social engineering, malware and industry-specific compliance topics, security awareness training can increase employee awareness and resistance to cyberattacks at the office or on remote-work devices.

By pairing cybersecurity best practices, hardware and software with security awareness training, employees can do a better job at avoiding phishing and other types of social engineering cyberattacks. And when employees follow company IT policies and best practices and adhere to applicable data privacy and compliance regulations, they will be positioned to spot potential malware behaviors and report possible security threats.

As the value of data increases, the incidence of ransomware and other dangerous threats continues to multiply. Organizations that devote appropriate security, learning and other resources to defend themselves will be less attractive to hackers who want to make a quick incursion, reducing their chances of being victimized by digital criminals.

Carl Mazzanti is president of eMazzanti Technologies in Hoboken.