Companies ranging from small and mid-sized businesses (SMBs) to global enterprises run on data—lots of it. Hacktivists and cybercriminals have taken notice. Recent research shows that while 90 percent of the world’s data was created in just the past few years, in that same period, data breaches increased by 54 percent 1.
Your clients, especially those that are SMBs, may think that they are too small to experience a ransomware attack. However, SMBs often lack in-house IT expertise to effectively manage their data assets. Oftentimes, they serve as contractors to larger enterprises and can unintentionally provide easy access for cybercriminals. Finally, many of them operate without the proper data protection in place to defend against, prepare for and recover from ransomware. As a result, your clients are quickly becoming prime ransomware targets for cybercriminals.
The average cost of downtime for SMBs is $141,000, a more than 200 percent increase from previous years2. Can your clients afford that?
Don’t wait for your clients to experience a ransomware attack. Teach them how they can mitigate their risk of ransomware today. A good first step is to educate them on how ransomware is distributed. Email remains the number-one vehicle for distributing ransomware with cybercriminals preferring to use links first, followed by attachments3.
Distribution of Ransomware
- Email Links, 31%
- Email Attachments, 28%
- Website Attachments, 24%
- Unknown Sources, 9%
- Social Media, 4%
- Business Applications, 1%
If those numbers don’t get your clients’ attention, tell them that more than nine in 10 malware infections were delivered to victims via email last year. The most used file types for concealing malware were:
- Microsoft Office documents, 45%
- Windows apps, 26%
You can help your clients mitigate their risk of ransomware attacks by guiding them through these five steps:
Stop Known Threats
Provide your clients with a cybersecurity solution that stops known ransomware threats across all attack vectors. This requires a layered security model that includes network, endpoint, application and data-center controls powered by proactive, actionable threat intelligence.
Detect New Threats
As existing ransomware is constantly morphing and new ransomware is being released, encourage your clients to implement the right sandbox and other advanced detection techniques to pinpoint the variants across vectors.
Educate Employees
Your clients’ employees can accidentally become “malicious insiders” when they click on something in their email or on a website that can lead to infection. Proactively educating them on common “tricks” used by cybercriminals such as phishing emails can help mitigate this risk.
Patch Regularly
Ransomware code often targets known vulnerabilities. Keeping your clients’ software and firmware updated helps eliminate a possible attack vector.
Back-Up Critical Systems and Data
It can be time-consuming to restore an encrypted system, not to mention a drain on your clients’ resources. Help them identify and implement the right technology and processes to ensure that their data backups align with their business requirements and facilitate swift data recovery as needed.
Nearly every industry sector and organization size is affected by ransomware today. Help your clients strengthen their security postures and mitigate their risks with the right tools, information and resources.
- 1 Nick Parkin, “Businesses will need to be more data savvy in 2020 to reap rewards of big data,” ITProPortal, January 9, 2020.
- 2 Yotam Gutman, “What is the True Cost of a Ransomware Attack? 6 Factors to Consider,” SentinelOne, January 8, 2020
- 3 “2019 Data Breach Investigations Report” Verizon, 2019