VIPRE’s whitepaper emphasises the need for a multi-faceted approach against ransomware
VIPRE, a provider of security solutions purpose-built to protect people and businesses from costly and malicious threats, releases its latest whitepaper, which explores the rise of ransomware and how a multi-faceted approach is key to help mitigate such threats.
Ransomware is not a new phenomenon, but the rise in attacks over the past few years has been a cause for concern – with new tactics such as ‘Ransomware-as-a-Service,’ spear-phishing and social engineering coming into play. According to new research, ransomware incidents handled by the ICO increased from 326 in 2020 to 654 in 2021, and the sectors impacted heavily included finance, education and insurance among others.
Affecting both small to medium businesses (SMBs), as well as larger organisations, ransomware remains a key threat with the UK National Cybersecurity Centre declaring that “ransomware has become the most significant cyber threat facing the UK”.
Additionally, with organisations heavily relying on large amounts of data which is now flowing in and out of the company across various devices with modern working practices, this information needs to remain protected. It only takes one employee clicking on the wrong link in an email or downloading a malicious attachment for ransomware to take a business hostage which can have devastating consequences, from financial to reputational.
Therefore, putting controls in place to prevent ransomware attacks is the best course of action as prevention is always better than cure. VIPRE’s whitepaper explains that whilst ransomware is difficult to prevent, it’s not impossible. With a multi-faceted approach using software, IT, business processes and employee awareness, businesses can put the right measures in place to prevent attacks from occurring.
Within the latest report, VIPRE highlights the key controls organisations should add to its ransomware response plan in order to achieve the best security, including:
- Firewall – The foundation of building data protection, along with your network infrastructure and endpoints, a firewall or gateway needs to be put in place
- Endpoint protection – Secure endpoint protection should be in place to protect at the file, application, and network layer across all devices, and to respond to security alerts in real-time.
- Email security and encryption – Email is the most commonly exploited threat vector by cybercriminals. Therefore, an additional layer of security can be added to detect potential threats using AI and machine learning and protect sensitive emails via encryption.
- User and data protection tools – Users can be empowered with tools to help them protect an organisation’s data, for example, to check their emails are being sent out to the right person.
- Security awareness training: Users are the last line of defence. By having regular cybersecurity awareness training, including phishing penetration testing, businesses can build a more cyber-aware workforce.
By ensuring the right technology and processes are in place, the risk of data leaks can be mitigated, allowing data to be easily managed, minimising the impact of data loss for businesses and its customers, while ensuring business continuity.
Andrea Babbs, UK general manager, VIPRE, comments, “It’s clear that ransomware is becoming more advanced and more of a threat, however, so is the technology and the processes to prevent such attacks. By implementing the correct controls, organisations are able to reduce vulnerabilities across its IT infrastructure, helping to protect all endpoints. It is vital that organisations enable their users to monitor the information being sent out and coming in, in turn, reducing the flow of uncontrolled information into a business.”
To find out more about VIPRE and its latest ransomware whitepaper, please download the full report here.
Comment on this article below or via Twitter @IoTGN