<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=216107089418520&amp;ev=PageView&amp;noscript=1">
Let's Talk

This Weak On Security Highlights Phishing and Breaches.

Posted by Mike Pape - 31 January, 2020

Should I pay the ransomware?

Cyber insurance is a growing industry, and it can be part of your Layered Security Approach (be prepared for when something does happen and how you respond to that incident).

Reuters reported that the price hikes follow a challenging year of criminal hackers using ransomware to take down systems that control everything from hospital billing to manufacturing. “Ransomware is more sophisticated and dangerous than we saw in the past,” said Adam Kujawa, director of Malwarebytes Labs.

The average ransom of $41,198 during the 2019 third quarter more than tripled from the first quarter, according to Coveware, which helps negotiate and facilitate the payments.

Talk to your current insurance provider or do research if you have not already looked at cyber insurance as part of your overall Disaster Recovery and Business Continuity Plans.

Download the Ransomware Hostage Rescue Manual

What can you do to prevent a ransomware attack?

  • Train, train, train your users. Implement Security Awareness Training if you have not already, and make sure you are managing your solution and reviewing its effectiveness.
    1. We’re happy to help you with baseline tests, evaluations, or have more discussions if you are ready.
  • Evaluate your Disaster Recovery plans – what are you backing up, how often, and what would it take to recover?
    1. What if your backups are also infected? Do you have an Incident Response Plan in place to address an attack?
    2. We highly encourage every company to do tabletop exercises around security. We’re happy to facilitate.
  • Evaluate your Layered Security in its entirety:
    1. Is your firewall up to date, managed, and have you reviewed your firewall rules? Consider a Managed Firewall!
    2. Do you have a Security Information and Event Management tool or solution in place to analyze and correlate logs?
    3. What are you doing for email security (preventing possible threats from ever reaching your end users)?

Prevention is key – I am, and always will be, a believer in Layered Security – constantly evaluating every aspect of what security means for your organization. You have to take a holistic approach and adapt quickly as threats and exploits change. This is not always about additional investment – it’s oftentimes about staying vigilant about the tools, products, and solutions you already have.

Stay safe out there—

Mike Pape

If you would like this delivered to your email box weekly--sign-up for the cybersecurity newsletter

Topics: cybersecurity strategy, Cyber Insurance Policy, Security Posture

New call-to-action

Recent Posts

Increased Usage Creates Need for Better Cloud Governance

read more

4 Reasons Why Businesses Love Office 365

read more

Data Structured Cabling 101: A Primer for Optimizing Data Flow

read more