Top Five Things You Can Do to Protect Your Business Against Ransomware

On Friday, May 7th, a ransomware attack disrupted operations and halted the flow of gasoline, diesel, and jet fuel through Colonial Pipeline. This was the largest cyberattack on an oil infrastructure target in US history. It led to a shutdown of the pipeline carrying 45% of the East Coast's fuel. The disruption inspired panic. It triggered gas hoarding as well as a declaration by President Biden of a state of emergency.

As we have experienced firsthand here at EXP, these kinds of malicious attacks are not solely directed at large organizations. They represent a real and persistent threat to businesses large and small.

In the wake of the Colonial Pipeline attack, it's wise for all organizations to evaluate the maturity of their cybersecurity practices.

Small and medium-sized businesses do not have the vast resources and multi-million dollar budgets for cybersecurity that Colonial Pipeline might. However, the good news is that there are things you can do that are affordable and effective.

We have built a “right-sized” cybersecurity program for our clients that you can implement, in full or selectively, to improve your cybersecurity position. Our program can include basic items, like Endpoint Protection (antivirus), all the way up to 24x7 Security Operations Center (SOC) monitoring of your systems.

The list below (a subset of our full list) is what we consider the top 5 things you can do to protect yourself and your business:

1. Enable Multi-Factor Authentication (MFA) everywhere that you can.
2. Conduct security awareness training for your employees!
   1. EXP’s 15 Minute Cybersecurity Awareness Training video is available to you at no cost.
   2. We can do a custom training session for your team.
   3. You can sign up for a service like KnowBe4.
3. Choose an email filtering solution with “Advanced Threat Protection”, which combines behavioral, heuristic, and sandboxing technologies to protect against sophisticated email borne attacks.
4. Upgrade from traditional antivirus software to an Endpoint Detection and Response (EDR) solution, such as SentinelOne, that uses Artificial Intelligence to detect things like ransomware.
5. Implement robust backup and disaster recovery solutions for all your data, whether it is on your servers or in the cloud. If you have local file storage – we highly recommend having your EXP consultant perform a ransomware simulation exercise.  This will generally take 2-4 hours and will be invaluable in the event of an actual incident.

If you would like to learn more about our "right-sized" approach to cybersecurity, if you need assistance deploying the layers of security described above, or if you would like to protect your business by engaging in a ransomware simulation exercise, contact EXP today!