Ransomware (CONT’D FROM PAGE 24)
administrator, the bad guys are going to use that access to do more damage. In case you fall victim to ransomware, you need the fol- lowing. Please note that most of these need to be done before the attack takes place: 1. OFFLINE backups. These are backups that are kept off of your network. Cybercriminals try to delete your back- ups. If your backups are not on your network, the bad guys can’t destroy them. 2. Tested restore procedures. If you try to restore your backups only when you need them, you are rolling the dice every time you are in a real bind. 3. Offline restore methodology. Don’t begin a restore with your network still attached to the Internet. Ransom- ware cases often unfold where the cybercriminals still have hooks into a company’s network, and they destroy
the used-to-be-offline backups as soon as the restore pro- cess begins. 4. Workstation reimages. You need a clean workstation image to restore workstations quickly if you suspect they have been compromised. 5. Server rebuilds. You need a clean server image to recreate your servers quickly. 6. Pre-negotiated incident response team contract. Find a cyber incident response company and get a con-
tract in place. That way you will know how to “call in the cavalry” very quickly as opposed to going through contract negotiations in the middle of a crisis. 7. 35 percent free drive space on all net- work drives. Ransomware often bloats the data on the drives it encrypts. As soon as a drive fills up, the process will keep trying to move forward, but every file it encrypts after the drive is full will be unrecoverable. 8. If you have cybersecurity liability insur- ance, call your insurance company ASAP! There are many stories of insurance policies with a clause stating the customer must inform their insurance company of a suspected inci- dent within 24 hours of the initial discovery. If they take a few days to confirm that the inci- dent was real, it can be an expensive mistake. If all companies followed the specific rec- ommendations above, ransomware cyber- criminals would become a thing of the past. With proactive action and a good cybersecu- rity awareness training program for your em- ployees, cybercrime is a solvable problem! Bryce Austin is the CEO of TCE Strategy, an internationally-recognized professional speaker on technology and cybersecurity
issues, and author of the book “Secure Enough? 20 Questions on Cybersecu- rity for Business Owners and Executives.” He is the named Chief Information Security Officer for compa-
Bryce Austin
nies ranging from 40 employees to S&P 500 organizations. Bryce actively advises compa- nies on effective methods to mitigate cyber threats. For more visit www.BryceAustin.com.
26
www.boardconvertingnews.com
November 22, 2021
Made with FlippingBook - professional solution for displaying marketing and sales documents online