CSW S1, E4 - A Deeper Dive into Ransomware

CSW S1, E4 - A Deeper Dive into Ransomware

Fred Cobb - CISO and VP of Services, InfoSystems

Josh Davis - VP of Marketing, InfoSystems

In this episode, we dive deeper into what you can do to protect yourself against ransomware. There are many basic things that can be done to protect your company. Often these basic tasks are free or inexpensive (outside of the time needed to do them). Not everything in relation to Cybersecurity comes with a big price tag.


Two Main Types of Attacks

    1. Phish emails: attacks targeted at businesses and/or specific people.
    2. Indiscriminate email attacks: attacks created to target anyone; free floating attacks; sent through massive phishing email blasts.


How To Better Protect Yourself

- Good Backups - Even today, many companies don't have good backups. People assume they won't be targeted by a cyber-attack, or believe that their files are safe in "the Cloud." That is not the case. It's important to get this right: (1) Choose a reputable company for your backups; (2) Test your backups; and (3) Maintain your backups.

- Incident Response Plan - You need defined procedures around an attack. You need to know who to call, what steps to take, and responsibilities of each team member. You need to determine how long your business can be down. Can your business afford to be down for a week? Two days? An hour?

- Training - KnowBe4 is a fantastic product for simulated attacks. In a nonlethal and controlled manner, KnowBe4 is able to determine-through 16 common ransomware variants-how susceptible your business is to ransomware attacks.


Other options include: spam filtering, technology tools (you can easily purchase), and looking at network events through event monitoring solutions.

Remember, the survival of your company can easily come down to whether or not you have a plan. When the big day comes and you're under attack, if you don't have a plan with names, numbers, procedures, and contact information, the situation can quickly get out of control. The biggest thing you can do is "train the human." Train your employees to be aware - to recognize and avoid phishing attacks.


More Information about Our Cybersecurity Services

The InfoSystems Protect cyber services team can help in all areas required to strengthen your cyber defenses. Our team can help create or revise incident response plans, launch simulated phishing attacks to test your preparedness, and begin a training program to help your employees become more aware. Begin with a Cybersecurity Assessment or call us to schedule a meeting to learn more (423-624-6551).

Our ultimate goal is to be a great technology partner for our customers (just like we always have been) and make Cybersecurity easy. We're ready to go to work for you.