Preventing Ransomware is Part of a Good Idea

Preventing Ransomware is Part of a Good Idea

Ransomware attacks are a real concern for businesses of all types and sizes. Bad actors use malware to lock down critical systems and demand payment. The crippling effects can significantly damage, or even shutter, unprepared businesses. So, what’s an organization to do?

The obvious strategy is to avoid being a victim. It makes sense. If bad actors can’t deliver their malware, they can’t lock you out. Your business never suffers. No one faces tough decisions about whether or not to pay a ransom. No one loses their job.

The problem with relying solely on prevention is that defenses sometimes do get beat. As the old adage goes, “defenders have to succeed 100% of the time, but the adversary has to succeed only once.” Chances are that someone in your organization, at some point, is going to click on something that they shouldn’t. Or that some critical vulnerability will remain unpatched just a little too long.

Prevention is critical, but it is not enough. That’s why a comprehensive ransomware strategy focuses not just on prevention, but plans for containment and recovery as well. Defend with the assumption that you’ll one day be a victim, and you will greatly reduce vulnerability and minimize damage from successful ransomware attacks. Taking this comprehensive approach to ransomware attack resilience will help to keep you in control and achieve peace of mind. And the best time to do that is now — before an incident.

Prevent. Contain. Recover.

Defend the Wall

There are many protections recommended for defending against malware. These include email protections, anti-virus and malware defenses on your endpoints, staying current on patching, continuous vulnerability management, controlling use of administrative privileges, and having a secure configuration of network devices. Of course, training and ensuring staff follows security protocol is also critical when it comes to ransomware defense.

Follow Backup Best Practices

Just as important is to prepare for the worst. Have good backups! The quickest way to recover operations, and not risk losing critical data, is to have it duplicated and securely stored. Having safe backups means never even having to consider ransomware demands.

Be Proactive

Assess your ransomware preparedness strategy so you can make improvements where necessary. For those wanting targeted guidance, our Ransomware Protection consulting delivers just that. Our expert team efficiently assesses your ability to prevent, respond to, and recover from ransomware attacks, and delivers prescriptive guidance based on proven practices. And if you need help implementing, we can do that too.

The secret to beating extortion is simple — minimize your likelihood of being a ransomware victim and maximize your ability to respond if a threat were to succeed.



Aaron Sierra, Director of Solution Architecture at GMI, is a passionate cyber security leader and consultant with nearly two decades of developing, leading, and advising diverse security programs. Leveraging this deep experience, Aaron advises security programs of all sizes and maturity levels with highly-differentiated security solutions that address the most daunting security challenges of each unique organization. He is also an avid surfer who strives to make regular appearances on the waves near his home in southern California.

Computer with Xs on it
GMI Logo

Ransomware Protection

What is Ransomware?

You’ve heard about it on the news. You’ve seen it cause companies, cities, hospitals, banks and schools to crumble. What exactly is it? Simply put, ransomware is a type of malicious software (malware) that enables criminals to lock crucial computer systems or data and demand a sum of money for their return. Once they have encrypted the data, the extortion commences. You can pay the ransom with the hope of getting the data back (the FBI advises against this). Or, bring in experts to remove the infection and hopefully recover the files from backups. Ransomware commonly finds its way into computer systems via phishing emails or infected websites, making just about every industry and organization a viable target.

Who is Most Vulnerable to a Ransomware Attack?

There’s a reason for the widespread interest in ransomware defense. Ransomware doesn’t discriminate; from Fortune 100 companies to small and medium-sized businesses (SMBs), organizations of all magnitudes are susceptible to an attack. The 2020 Verizon Data Breach Investigations Report showed malware incidents and breaches in just about every industry. The most reported incidents were in the Manufacturing, Public, Accommodation / Food Services, Professional Services, Education and Information industries respectively.

How Can You Improve Ransomware Resilience?

Fortunately, you can prevent a ransomware from ever entering your system by implementing common cyber security best practices. By understanding the most common attack vectors used by cybercriminals, you can effectively strengthen your security posture and reduce the risk of a breach.

Human error continues to be the biggest threat to security of an organization. Phishing, which involves disguising oneself in order to obtain fraudulent information or deliver malicious files, remains the most common technique used by cybercriminals to initiate a ransomware attack. The good news is, with some specific network controls in place, as well as cyber security training for employees and multi-factor authentication practices, most ransomware attacks can be prevented.

To be clear, ransomware resilience goes beyond prevention. For an organization to be resilient to ransomware, it must also be ready to respond to and recover from a ransomware attack if one should ever succeed. This crucial pre-planning exercise will pay dividends by reducing recovery times, eliminating the temptation to pay ransoms, improving the likelihood of ransomware data recovery, and minimizing the potential damage caused by the attack.

GMI's Ransomware Protection Service

We’ve helped organizations of all sizes become ransomware resilient. Guided by established best practices, this consultation focuses exclusively on ransomware prevention and recovery, efficiently assessing your strengths and weaknesses. Our experts forgo extensive (and time consuming) discovery and documentation to quickly deliver what matters most — prescriptive guidance to decrease your likelihood of a ransomware victimization.

If you haven’t recently been professionally assessed and are concerned about ransomware, this will help you sleep at night. A partnership with GMI brings highly-sought technical expertise, industry experience, and a myriad of tools to the forefront of your organization’s defenses. You don’t have to go it alone.

Already a Victim of a Ransomware Attack?

GMI has helped organizations of all sizes face the daunting task of remediation after a ransomware attack. We’ve been in the trenches, helping them make it to the other side. Contact us for help.

Speak with a Pro