Kevin Henry - 4 tips to avoid ransomware

About our Talent Services

You want new efficiencies, new opportunities and growth from technology, and you will need skills to get them. With Readynez Talent Services you will answer real and burning business challenges. No wonder we’ve been awarded the Microsoft Learning Partner of the year global finalist award for helping businesses transform and achieve remarkable results.

Get started

I’m an opportunity Leader looking for talent

I’m an ambitious graduate looking for an exciting career

The news is full of stories about the impact of ransomware and how it has affected many businesses, governments and individuals.

The proliferation and ease of ransomware infections underlines the importance of good security practices. Like the examples of high-seas piracy that have persisted over the years there is no quick or easy cure.

Doing business in a networked world involves risk. Trading on the high seas is both profitable and necessary for the economy to exist, but the adversaries are numerous, capable and determined. Since the adversaries are based in many international locations the identification and prosecution of the thieves is difficult and maybe nearly impossible.

I personally thought that the attacks against very critical services such as healthcare and infrastructure would spur governments into concerted action. But that has not happened – perhaps for many reasons that I will not speculate on.

So what should we do?
The contrast between an essential business operation but an uncontrollable threat? We need to communicate and network globally in order to reach our clients, citizens and  suppliers. We cannot count on law enforcement to be a deterrence to attacks, and the cost of attacks is increasing and onerous.

I will not advise whether or not to pay the ransom. We have seen cases where essential business operations would be crippled resulting in enormous impact to millions of people and perhaps the ransom was justified. But do we want to support criminal activity? Tough question.

Becoming a victim of ransomware may be unavoidable. Many organizations that have excellent security people on staff or are working with top-flight consulting firms have become victims despite their best efforts. (There were many others that became victims through poor practices, but let’s look for solutions not blame).

Face the enemy
The requirement for all of us to face the enemy. Acknowledge the threat and prepare for attacks. Implement security basics such as policies, training and awareness, monitoring and most of all frequent backups and plans for restoration of systems in case of a failure. Preparing for ransomware should involve business continuity, risk management and security monitoring. There are many factors that may lead to a ransomware attack but it is probably impossible to address them all.

Despite our best efforts there are probably still multiple misconfigurations and human error that will open the door for an attack. But you can have the basics in order:

  • Backup, practice restoring systems until it becomes second nature.
  • Educate and create a security culture.
  • Have plans in place to be ready for an attack. Address communications with clients, employees, suppliers, media and regulatory bodies.
  • Learn from the misfortune of others and be sure we apply the lessons learned.

Be safe – be secure

You may be also be interested in IT-security courses: Learn all about Readynez IT-security training here

2. Jun 2020

by Kevin Henry

Kevin Henry

Senior Instructor Readynez

Kevin Henry has served for many years as an authorized instructor for (ISC)2 and he is renowned for his 20 year contribution to learners training for IT security skills- and certifications such as the CISSP, CISM, CISA and CCSP everywhere in the world.

Readynez uses cookies to improve your website experience. To learn more please read our policy.

Privacy policy OK