These basic steps can help guard against ransomware attacks


Ransomware continues to be a major security threat for organizations, as cyber criminals look for new ways to launch attacks that can put companies at risk of huge losses.

Fortunately, enterprises can take steps to protect themselves. Earlier this year, the Cybersecurity and Infrastructure Security Agency (CISA), part of the U.S. Department of Homeland Security, released recommendations for defending against these attacks and protecting data and networks.

One is to perform frequent backups of systems and important files, and verify backups regularly. If systems become infected with ransomware, users can restore them to their previous state using backups.

Backups should be stored on separate devices that can’t be accessed from a network, such as on an external hard drive. Once the backup is completed, users should disconnect the external hard drive or other separate device from the network.

In addition, organizations should make sure they provide cyber security awareness training to employees. Ideally, they should have regular and mandatory awareness training sessions to ensure personnel are informed about current cyber security threats and threat actor techniques.

To improve workforce awareness, organizations can test their employees with phishing assessments that simulate real-world phishing emails.

Other good practices include updating and patching systems, using caution with links and when entering Web site addresses, keeping personal information protected, verifying email senders, and using preventative tools such as antivirus software, firewalls and email filters.
