TALKING business

With many companies structuring their workforce around a model that accommodates around 30 % remote workers , few were prepared for the jump to 100 %. While this transition brings a wave of opportunity for organizations and employees , it also opens new doors for bad actors to capitalize on strained IT departments who have taken on additional responsibility to ensure sensitive data remains secure , whether on or off the corporate network .

While threats to company data range in attack method , ransomware continues to be one of the most prominent risks known to Australian organizations .

Most recently , Telstra ’ s 2019 Security Report revealed that Australian organizations disrupted by a security breach in the previous 12 months could attribute 81 % of these attacks to ransomware .

With this in mind , it is important that companies focus on acknowledging this threat and deploying strategies to prepare , defend and repair incidents , before adapting to a hybrid workforce model . This process will prevent organizations from falling victim to attacks where data loss or ransom payment are the only unfortunate options .

To win the war on ransomware , organizations should incorporate a plan for IT organizations that ensures they have the resilience needed to overcome any attack . Let ’ s explore three crucial steps for ransomware resilience in more detail .

Education not reaction

After threat actors are identified , education should be the first step taken on the path towards resilience . To avoid being caught in a reactive position , should a ransomware incident arise , it ’ s important to understand the three main mechanisms for entry : Internet-connected RDP or other remote access , phishing attacks and software vulnerabilities .

Rick Vanover , Senior Director of Product Strategy , Veeam

Once organizations know where the threats lie , they can tactfully approach training with strategies to refine IT and user security , putting additional preparation tactics in place . Identifying the top three mechanisms can help IT administration isolate RDP servers with backup components , integrate tools to assess the threat of phishing attacks to help spot and respond correctly , and inform users on recurrent updates to critical categories of IT assets , such as operating systems , applications , databases and device firmware .

Additionally , preparing how to use the ransomware tools in place will help IT organizations familiarize themselves with different restore scenarios . Whether it be a secure restore process that will abort when malware is detected or software that can detect ransomware ahead of restoring a system , the ability to perform different restore scenarios will become invaluable to organizations . www . intelligentcio . com INTELLIGENTCIO

37