EDITOR ’ S QUESTION
To protect against ransomware , it is important to be aware of the leading causes of the attacks . The leading cause last year was spam / phishing emails , user practices that weren ’ t the best caused by lack of training and weak access management practices .
However , before we get into that part , it is important to point out that protection against ransomware should be the top priority for decision-makers – both for the technical and the business leadership team .
There lies huge accountability among business leaders to review the protection strategy and tactics and revisit the vulnerabilities with information security leaders to gauge the standing of the organization . ransomware attacks . Investing in identity and access management solutions that are integrated , and provide complete visibility enables a robust control on access and privileges .
Access and identity management tools that are known to fill the gaps that led to attacks in the past are an investment that not only ensures the right access to the right people but also ensures the identity of the users is constantly validated .
There is no better way to prevent attacks than understanding how it is happening .
When it comes to precautions against phishing attacks – the leading cause of ransomware attacks – investing in robust tools and staying on top of the latest phishing attacks strategies is a good preventive measure . There is no better way to prevent attacks than understanding how it is happening . It is like having a thorough understanding of your attacker ’ s motives and strategies . The more you know the better you are protecting by using the right tools .
The other measures that significantly reduce the probability of a ransomware attack are continuous education and training of users – considering poor user practices and lack of training were the next leading cause . Instead of waiting for an attack and then think of training , it is vital that periodic training on possible threats , vulnerabilities and ways to safeguard become part of the process .
Setting up training goals for the year and ensuring there is a follow-through to achieve it could be extremely beneficial in preventing attacks .
Weak access and privilege management tools and practices are the third leading reason for
Additionally , multiple levels of authentication and defense mechanisms solidify the security practices further .
Another very crucial preventive measure that we often see being overlooked is auditing security management vendors . Besides routine vulnerability , patch management , backup , versioning , virus protection steps , assessing vendors and their ability to keep up with the requirements should become a top priority . Setting up periodic audits to assess vendors to understand their processes and steps to counter the latest forms of attacks , comparing their measures against compliance requirements is highly beneficial . It provides a holistic picture of the ability of an organization to safeguard itself against attacks .
The bottom-line is any proactive measure is a good precaution to avoid a ransomware attack . A reactive approach will take care of the current problem , but a proactive step will future-proof your organization and could potentially save you millions of dollars . p
BOB COLLIE , CTO , SIMEIO
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 35