Should I pay the ransomware?
Cyber insurance is a growing industry, and it can be part of your Layered Security Approach (be prepared for when something does happen and how you respond to that incident).
Reuters reported that the price hikes follow a challenging year of criminal hackers using ransomware to take down systems that control everything from hospital billing to manufacturing. “Ransomware is more sophisticated and dangerous than we saw in the past,” said Adam Kujawa, director of Malwarebytes Labs.
The average ransom of $41,198 during the 2019 third quarter more than tripled from the first quarter, according to Coveware, which helps negotiate and facilitate the payments.
Talk to your current insurance provider or do research if you have not already looked at cyber insurance as part of your overall Disaster Recovery and Business Continuity Plans.
Download the Ransomware Hostage Rescue Manual
What can you do to prevent a ransomware attack?
- Train, train, train your users. Implement Security Awareness Training if you have not already, and make sure you are managing your solution and reviewing its effectiveness.
- We’re happy to help you with baseline tests, evaluations, or have more discussions if you are ready.
- What if your backups are also infected? Do you have an Incident Response Plan in place to address an attack?
- We highly encourage every company to do tabletop exercises around security. We’re happy to facilitate.
- Is your firewall up to date, managed, and have you reviewed your firewall rules? Consider a Managed Firewall!
- Do you have a Security Information and Event Management tool or solution in place to analyze and correlate logs?
- What are you doing for email security (preventing possible threats from ever reaching your end users)?
Prevention is key – I am, and always will be, a believer in Layered Security – constantly evaluating every aspect of what security means for your organization. You have to take a holistic approach and adapt quickly as threats and exploits change. This is not always about additional investment – it’s oftentimes about staying vigilant about the tools, products, and solutions you already have.
Stay safe out there—
If you would like this delivered to your email box weekly--sign-up for the cybersecurity newsletter