Question: How can I reduce the chances of my company getting hit by ransomware? Where do I start?
Kurtis Minder, CEO and co-founder of GroupSense:Ransomware attacks are becoming more common, but it’s important to remember that many of these attacks can be prevented. Companies need to lock their doors and put in place security protocols that don’t give threat actors easy access.
There’s a shortlist of only nine or 10 ways that threat actors gain access to networks in the first place. The two most common ways we see attacks happen are lack of multifactor authentication and poor credential and password policies. These simple cyber-hygiene practices are inexpensive and don't require outside or technical work. In addition to these practices, I suggest companies not only have backups in place, but also test them frequently to make sure they work and can be up and running in a timely fashion in case they are hit with ransomware.
Studies have suggested that over 80% of the attacks last year were focused on Remote Desktop Protocol (RDP) that was improperly secured. Fix that and the number of companies at risk will be significantly reduced.