9 Steps to Protect Your Business Against Ransomware Attacks

You’ve probably heard about the growing ransomware threat in the United States, but are you prepared in case you become targeted? Cyberattacks on businesses in both the private and public sectors have been growing, and if you own a business, it’s more important than ever to make sure you take proactive steps to protect yourself. Ransomware attacks are a huge threat to businesses because they are programmed to access data and encrypt files, often demanding a ransom in order to decrypt them.

Why is it important to me?

No business is safe from being the target of ransomware attacks, and ultimately, anyone with a computer that stores important data and is connected to the internet is at risk. If your company addresses the current risks and makes sure their security and business continuity plans are up to date, you will be much more likely to prevent a successful cyberattack and will be able to restore operations quickly if an attempt is made.

How can I protect my company?

The Federal Government recently issued a notice to all corporate executives and business leaders emphasizing the importance of protecting against ransomware attacks, and outlining steps businesses should take. We at Riverland have reviewed the recommendations and agree that they are in the best interest of our customers, so we highly encourage you to take a close look and implement the recommendations and best practices below.

1. Require multifactor authentication whenever applicable since passwords are easily compromised.

2. Employ endpoint detection and response practices.

3. Encrypt all data so that if it is stolen, it is unusable.

4. Have a security team who is prepared to respond to threats.

5. Backup your data, system images, and configurations. Regularly test them and keep the backups offline.

6. Update and patch systems promptly.

7. Test your incident response plan to identify possible flaws.

8. Check your security team’s work using a third party.

9. Segment your networks – separate your corporate business functions and manufacturing/production operations, so that your Industrial Control System (ICS) networks can be isolated and continue operating if your corporate network is compromised.

After following these steps, your organization will be well-equipped to combat attempted ransomware attacks and will be more resilient – allowing you to restore operations quickly. Still have questions or feel uncertain about your organization’s security posture? Visit the links below to learn more.

• Ransomware Executive One-Pager and Technical Document (cisa.gov)
• Ransomware Guide | CISA
• Ransomware — FBI