If I go into your house and take all of the things important to you, lock them away in a safe and I am the only one with the key and I tell you that you will have to pay me to get the stuff back, that’s ransomware.
Cybersecurity experts are warning that by 2021, businesses will fall victim to ransomware every 11 seconds. That’s down from every 14 seconds in 2019.
Can you imagine being one of those businesses?
Having to make the decision—do I pay the ransom, knowing that I will be fueling more attacks on businesses potentially in my community—or risk not being able to recover because I’ve never personally tested or seen that my backups are good enough or even secure enough for my organization to withstand an attack?
The cost of ransomware in 2021 is estimated to hit 20 billion dollars annually. Global estimates are now nearing 6 trillion dollars—yes, that’s trillion with a ‘T’.
As big money continues to pour into cybercriminals’ hands, one thing seems obvious. There is no stopping the flood of talented people into cybercrime. They are going where the money is, and it is not in protecting your businesses.
Over half of attacks today begin with phishing—primarily targeting very specific people in your organization. While preparing your team for phishing attacks and teaching them to identify their unique characteristics is important, one of the best ways to protect your data, security experts still advise, is to make sure your patches and critical system updates have been successfully applied.
Every year, hundreds of thousands of security vulnerabilities are announced, but in most of those instances, our organizations do nothing, either because we are not made aware of what is going on or because there are just too many to handle and keep visibly under control.
In nearly every cybersecurity insurance case last year, network vulnerabilities were partially to blame for the devastation left by a ransomware attack.
One major problem with updating computer systems across the network? Experts typically find that between 35 and 50% of their systems have not had all available patches applied. That means that within your organization, you might have half of your team walking around susceptible to a hacking event. Does it make you feel good that the possible line of defense is phishing training?
Here are some additional ways to protect your network:
Remind your employees about updates—explain to them with stories why updates are important. Get them engaged in making sure their computers are patched—to protect their personal information and their clients’ information. Make sure to put faces to stories to really highlight the importance of security.
Share examples of threats—share examples of threats to your entire team. Even if they aren’t related to emails, it’s good for your team to understand how criminals are getting onto networks so that they can see where they fit in across the board.
Give them ways to speak up—create ways for your team members to bring up issues or questions they have about security. Whether it’s for their personal data or at work, the more security-minded and involved your team is in bringing up problems, the better off they will be in keeping your organization secure.
Unfortunately, no one is immune to an attack or breach. You will be better off if you keep your team up to speed and your team embraces security.