Pulse Community Insights

3 things you should be doing for ransomware prevention

Cybersecurity

September 27, 2021
·
4
min read
Ransomware prevention

Ransomware is one of the most discussed topics in the Pulse community. We asked one of our Pulse community members to provide his input on what organizations should be doing to prevent ransomware attacks.

Ransomware is one of the most discussed topics in the Pulse community. Over the last few months, we’ve seen an increase of questions and Quick Polls from Directors, VPs, and CxOs primarily in the healthcare, finance, and IT industries seeking advice from their peers on ransomware prevention methods. We asked one of our Pulse community members, Mark Thiele—who is the CEO of Edgevana—to provide his input on what organizations should be doing to prevent ransomware attacks.


Ransomware prevention tip #1: Regular training

First, Mark suggests implementing regular, mandatory training for employees across all levels of the organization on the risks associated with social engineering and fraudulent emails. A Quick Poll in our Pulse community shows that 55% of other technology leaders agree that employee education is the most critical step in preventing ransomware. Although this is a common practice, enforcing regular cybersecurity and ransomware awareness training is often not done the right way. How do you get employees to care about this type of security training?


Mark comments, “Leadership has to effectively convey the importance of maintaining security vigilance. If security is mentioned in onboarding training or maybe through a quarterly test email, then it will get the level of attention the employee thinks the business is giving it, which is not much. Create a top-down approach to how security is adopted and how the importance of it applies to building revenue, protecting the future, creating/saving jobs, and having the C-Suite directly involved.”


Ransomware prevention tip #2: Recovery plan

Next, Mark suggests ensuring that IT has a business recovery or continuity plan, which includes two broad areas: data recovery and environment.


Data recovery

In a recent poll, 83% of respondents stated their organization will likely be implementing a ransomware remediation plan over the next year. Mark emphasizes the importance of using best practices for backup retention and protection against ransomware, such as using encrypted and multi-version data backup, along with regular testing. He also stresses another common yet major security flaw: backups should not be kept on a network that could be shared with other possibly compromised networks.


Environment

Determine how quickly and effectively data can be recovered in an environment (i.e., an application on servers with a single client or hundreds of clients).

💬 What’s more important: ransomware solutions or data recovery?
Coincidentally, there’s an ongoing discussion in the Pulse community about whether organizations should focus on ransomware solutions or data recovery, and the respondents’ opinions are divided on the issue. If you’d like to share your opinion on this topic, we’d love to hear from you. Sign in to Pulse and add to the discussion.

Ransomware prevention tip #3: “Destroy and replace” protocols

Although this method might not be the best long-term solution to ransomware prevention, Mark proposes developing a “destroy and replace” protocol and process for all environments. This means that everything within an environment should be destroyed: networks, servers, identity, client, images, and more.


Unfortunately, it doesn’t seem like we’ll see an end to ransomware attacks, which means ransomware prevention is going to continue to be a hot topic over the foreseeable future.


Access data and intelligence from thousands of verified technology CxOs, VPS, and Directors, while engaging in compelling conversations about what's top-of-mind for tech leaders today.

Join the Pulse Community

Join the executive community

Make and shape business decisions with tried-and-true advice and benchmarks from technology leaders

Executives powering Pulse

“With its survey data, Pulse skips the anecdotes and provides deep context and real numbers for the topics that are top of mind for my organization.”
Julie Cullivan photo
Julie Cullivan
Chief Technology and People Officer, Forescout
“Pulse beats any other platform, research company, Slack groups, etc. at getting me the most relevant advice and content. I rely on Pulse for all knowledge and insights. The answers are consistently exactly what I need.”
Roberto Torres photo
Roberto Torres
CTO, Taimingo
“What the IT community has needed is a vendor free, agenda free platform which encourages discussion and debate amongst peers. Pulse has nailed that in both their Q&A and timely reports.”
Lee's headshot
Lee Vorthman
CSO, Oracle
“I love that Pulse is a one-stop shop for all the peer conversations and insights that are presently super scattered and disconnected among various Slack channels and other CIO groups.”
Enrique Jenkins photo
Enrique Jenkins
Head of IT, DoorDash
“Being able to drive discussions on new tech with my peers and getting immediate feedback is exactly what has been missing until Pulse.”
Manjit Singh photo
Manjit Singh
CIO, Toyota
“For the past two weeks, the first news source I check [every morning] is Pulse. I look at Focused Five everyday. Pulse first, then Twitter, etc. You're that good.”
Miguel Borbolla Olea photo
Miguel Borbolla Olea
Director of IT, OCESA
“I’m excited for what the Pulse team have built to better connect the CIO community. It’s been exceptional for many of us in the community to get clarity and aid decision making as we develop our strategy.”
Yusuf Khan image
Yousuf Khan
CIO, Automation Anywhere
"Transformative change and real-time insights can only come from the people who are doing it day to day in an innovative way. I get a wide variety of that insight from Pulse."
Malcolm Harkins photo
Malcolm Harkins
Chief Security and Trust Officer, Cymatic