How to prevent ransomware spreading quickly
So, you’ve considered your level of cyber risk and levelled up your security strategy, but an attacker still manages to get in! Perhaps via a phishing attack that caught out an unsuspecting employee.
In the DCMS survey, it was revealed that of the 39% of UK businesses who identified a cyberattack in the last 12 months, the most common threat vector was phishing attempts (83%).
Educating (and regularly reminding) employees on identifying malicious emails, links and attachments, is one of the most effective ways to prevent a ransomware attack. However, beyond that, some things you can do to slow the spread of a ransomware attack, should it happen, include network segmentation, data encryption and the principle of least privilege. The latter works precisely as it sounds, by affording employees the minimum number of privileges they need to perform their role. Someone with higher privileges, such as an IT administrator, should have a separate account for accessing these privileges rather than using the same credentials they use to check their emails. Why is this? It’s all about minimizing risk exposure. In the case that an application or service is compromised, you will want the attacker to have the lowest possible level of access.
If a business can maneuver into a position where it can properly assess risk and identify vulnerabilities, it will be empowered to accelerate its digital transformation with confidence, and without succumbing to the increasing threat of ransomware.
To learn more about how SureCloud can help with assessing ransomware risk, click here.