Ransomware is one of the most important cybersecurity threats that you as a company need to arm yourself against. Fortunately, the risk and impact of ransomware attacks can be adequately mitigated by implementing a number of targeted measures that help prevent and recover from ransomware attacks…
Ransomware can be prevented by combining technological and organisational control measures. For example:
- the capabilities of antivirus scanners remain very important to detect ransomware,
- network segmentation and logical access control measures are very important to limit the scope of ransomware within your environment,
- and your employees’ freedom to introduce malicious software into your environment as well as their awareness to recognize phishing mails, among other things, plays a very important role.
To recover from a successful ransomware attack without paying the ransom money, you depend on your backups. After all, it is impossible to undo the encryption of your files, but you can make an older version of the same file available again on your network. It is crucial that the backup environment is separated from your operational environment so that these files are not encrypted either. It is also advisable to perform regular backup recovery tests so that you know that your organization is effectively capable of recovering the environment if necessary and for how long this recovery would take. After all, if you are not prepared for this, it may take much longer than expected. Precious time with your customers out in the cold.
