Time to reassess your cybersecurity strategies. Again.
Ransomware attacks on businesses have increased by one-third in the past year, according to a recent report by the Boston-based cybersecurity company Cybereason. Most (73 percent of businesses) were hit by at least one ransomware attack in the past year, and 68 percent of businesses that paid a ransom were hit again in less than a month for a higher ransom, according to the survey, which polled 1,456 cybersecurity professionals at global companies with 700 or more employees. These attacks have big implications: Thirty-seven percent of companies were forced to lay off employees after paying ransoms, and 33 percent were forced to temporarily suspend business.
Since the invasion of Ukraine, cybersecurity experts have insisted businesses improve their lines of defense to protect against an increased risk of ransomware attacks from Russia. Ransomware attacks have also increased since the start of the pandemic--the rise of remote work increased vulnerability for many businesses, which hackers have taken advantage of, a 2020 FBI memo noted. So, enterprises of all sizes are at risk from many more points of attack.
Keeping your cybersecurity defenses up to date can help protect your business from a costly attack, but a combination of monitoring software and regular employee training is best. Here are a few steps you can take to shield your company.
Hackers are getting better at phishing emails, so it's important to regularly train employees on cybersecurity best practices. Help them understand what to look out for, and create a culture where, if an employee does accidentally click a link that they shouldn't have, they'll have the confidence to flag their mistake as soon as possible.
Don't get cheap
A good rule of thumb is to set aside 10 percent of your tech budget for cybersecurity, Jaya Baloo, chief information security officer at antivirus software maker Avast, has told Inc. Spending on cybersecurity and training is expensive--but when you compare the investment with the potential cost of a ransomware attack, the price is relative. As Cybereason's report points out, ransomware attacks come with a bevy of costs, including lost revenue, the cost of remediation, higher insurance premiums, regulatory fines, and legal fees.
Surveillance is vital
The right cybersecurity technology can help you spot attackers before they hold your information hostage. Attackers often get into systems long before they make demands. Cybereason's survey shows that 63 percent of businesses reported that attackers were in their networks for up to six months before attacking. One solution, according to StoneAge CEO Kerry Siggins---whose company experienced a ransomware attack in 2020--is a 24-hour monitoring software that can help you notice these changes and take action.