The recent ransomware attacks on companies across the nation, including the attacks on the Colonial Pipeline and JBS Foods, have gotten a lot of businesses worried about the threat of cyberattacks. The White House released a memo urging business leaders to immediately evaluate their security posture and protect themselves from these ransomware attacks. They warn that no company is safe from being targeted by ransomware.
The Biden administration also released a list of best practices for safeguarding against ransomware attacks. Every business, no matter the size, industry, or location, should follow these best practices to better protect themselves from a cyberattack.
1. Backup your data offline and regularly test backups
All data, system images, and configurations should be backed up offline so that if your network data gets encrypted with ransomware, you can safely restore systems. Backups need to be regularly tested and should not be connected to the business network to ensure ransomware cannot encrypt or delete accessible backups.
2. Update and patch systems promptly
Updating and patching systems maintains the security of operating systems, applications, and firmware. Use a risk-based assessment strategy to drive your patch management program.
3. Implement multi-factor authentication
Multi-factor authentication (MFA) requires a user to provide two or more verification factors to gain access or login to a resource such as an application or online account. MFA decreases the likelihood of a successful cyberattack by asking for more than just a username and password, which are routinely compromised.
4. Test your incident response plan
Not only do you need a strong incident response plan, but you also need to test it. Testing your incident response plan will help you discover any gaps or vulnerabilities in the plan. To build an incident response plan, run through core questions such as: Are you able to sustain business operations without access to certain systems? For how long?
5. Segment your networks
Separating your corporate business functions and manufacturing/production operations has become critically important as cybercriminals shift their focus from simply stealing data to disrupting operations. Any links between networks could give ransomware the ability to compromise your entire network. Develop workarounds or manual controls to ensure your manufacturing/production network can be isolated and continue operating if the corporate network is compromised.
6. Encrypt your data
Encryption involves encoding data so that it remains hidden or inaccessible to unauthorized users. If your data is encrypted, then it would be unusable if it gets stolen.
7. Implement endpoint detection & response
Endpoint detection and response tools monitor and record endpoint and network events in order to analyze, detect, and investigate these events. This research allows for further reporting and alerting, hunting down malicious activity on a network and blocking it.
8. Partner with a highly skilled & empowered security team
Your security team needs to be able to patch rapidly and share and incorporate threat information in your defenses. In order to protect your business, you need a strong security partner to guide you through the often-complex world of cybersecurity and recommend the best strategies for your business.
Digital Boardwalk has a deep understanding of these best practices, as well as over a decade of experience in improving businesses’ security. Schedule a free, no-obligation evaluation of your business’s security posture with our Virtual Chief Information Officer here. Don’t take any chances when it comes to your business’s protection.