Malware & Ransomware: SMB Best Practices
In the wake of the past several weeks of broad and damaging cyber-attacks, it’s important that we talk about proactive measures the small and medium organizations should consider to protect your environment. Many of my colleagues have articulated the damage and origins of the recent attacks: WannaCry & Petya. I find these insights extremely valuable to understand the root and attributions of the malware itself. These publicized reports provide all sized organizations context to the magnitude of the current and future damages these organized type attacks can deliver.
The small and medium business sector has the largest threat landscape for cyber-attacks. The potential damages to the hundreds of thousands of businesses in the USA is an alarming statistic. The questions that consistently are asked by the small and medium business is; what should I do to protect my company? And, how can I afford the equipment, software and human resources required to truly become cyber prepared? Good news! There are options and practical real-world solutions available.
Many smaller organizations don’t have the internal resources to research both the industry standards and proprietary models to understand what is the best cybersecurity approach. A best practice is to use a methodical standards-based approach to build cyber awareness, develop a plan to improve and implement a proactive monitoring solution as an appropriate start to cyber preparedness. Noted below are strategic and tactical plans the small and medium businesses should implement immediately.
- Cybersecurity assessment – understand your current posture to identify vulnerabilities
- Gap analysis – a comprehensive view of what needs improvement
- Plan of Action – a detailed, real-world and affordable improvement plan
- Continuous monitoring – become a proactive cyber aware company to know when changes occur
Tactical recommendations for WannaCry & Petya variants:
- Ensure systems are patched and all antivirus programs are up to date
- Implement and determine if backup systems are effectively configured
- Restore only backups that have been securely managed
- Isolate any unpatched systems
- Monitor all networks and device connectivity