Cybercriminals and ransomware made headlines this week. The Colonial Pipeline suffered a double extortion where stolen data is encrypted, and then a ransom demanded, or else the data will be released online. How did this happen to such a large enterprise that should be secure?
Pipelines are vast networks with lots of connections with different distributors and customers. The various control systems and technology at connection points may lack security. If the cybercriminals find that unsecured point, they can infect other areas of the network.
Most ransomware attacks result from malware injected into your network. Don’t most attacks target large businesses? Yes, but 20% of small businesses find themselves in the bullseye.
The best protection against attack requires preparation and planning. Your security needs to evolve because cybercriminals keep innovating and changing tactics. Frequently do cyber risk assessments.
Pinpoint your crucial data and plan more frequent backups. If an attack happens, plan how to keep business going and how to recover. Confirm you can run things using the backup data.
Test your network security by running exercises that simulate an attack. Install a continuously monitoring security system if you can.
What if an attack happens? It is recommended not to negotiate. Your employees need to know that. No matter how embarrassing, report the attack immediately.
Educating your employees is the front line of defense. Keep your employees up to date on phishing scams so they don’t fall prey. And open your business door to extortion.
Author: Kris Keppeler, a writer who finds technology fascinating and loves humor. She writes for Crossing Genres on Medium.com and Does This Happen to You? on Channillo. Award-winning podcast producer who enjoys telling stories. Follow her @KrisKKAria on Twitter or on LinkedIn.