Ransomware is a rapidly growing threat for Canadian businesses, with a devastating impact.
It is insidious, quietly penetrating an organization’s network to halt business-critical operations or threaten to release sensitive information in exchange for currency, causing downtime, reputational harm, and money.
Since the onset of the pandemic, when more businesses moved to more vulnerable remote and hybrid models, the problem exploded: more than 235 ransomware attacks were reported in Canada in 2021.
Ransomware is rapidly becoming a question of when, not if, which is why a multi-layered approach with secure first and last lines of defence will provide the strongest protection.
The First Line of Defence – Preventing the Breach
Security management for a hybrid workforce requires rigorous end-to-end management and monitoring from experienced IT professionals. Your first line of defence is your endpoints – workers and their devices.
Remote device management, anti-malware protection, and two-factor authentication are critical elements of a secure first line. However, from phishing emails to unsecured Wi-Fi, there are myriad ways employees can unwittingly open the gates to ransomware. This should be addressed with regular cybersecurity awareness training and established security best practices.
Managing the first line of defence for a hybrid workforce is complex, putting great demand on the IT team which can lead to small cracks in the defence. We recommend running an IT Health Check to ensure this doesn’t happen.
Ransomware is often highly sophisticated and very sneaky – according to IBM, in 2020 it took companies an average of 228 days to detect a breach. Some strains of ransomware can even disable your antivirus, compromising your first line of defence.
The Last Line of Defence – Stopping It in Its Tracks
So, what happens if ransomware bypasses the endpoint protections in your first line of defence?
Ransomware is designed to rapidly spread from device to device, seeking out pathways to penetrate further into your central systems and take control of business-critical assets. Secure firewalls, data encryption, and VPN authentication protocols should be put in place to deter further penetration. In the event a breach does happen, your business is counting on immediate detection and response to mitigate further damage.
Ricoh’s Cyber Security Practice provides a revolutionary “Last Line of Defence” to ransomware and our RansomCare, an automated solution that stops a ransomware outbreak in its tracks.
From a central server installation, RansomCare detects ransomware attacks by looking into the heuristics of the data files stored on your network and in the cloud, preventing it from moving deeper into your network.
When RansomCare detects an attack, an alert is raised instantly and a response can be triggered to shut down the endpoint under attack (Windows, Mac, and Linux), halting the spread instantly.
Breathe Easy with Complete Ransomware Protection
Your business’s defence strategy needs to include business continuity and disaster recovery with a “Last Line of Defence” solution that enables automatic alerting, shutdown response, and quick recovery.