How to avoid a ransomware attack

Computer Security

Ransomware is a major security threat, three companies alone in 2017 identified $700 million worth of damage from recent attacks, and the global damage is assessed to be exponentially higher. Businesses recognize the severity of the threat, and now need to develop strategies to minimize their risk.

The first step is a thorough diagnosis of the security status of your organization today. Then, we can determine an improvement plan to deliver a future state that tailors investment to deliver risk reduction.

Here’s a checklist of DXC’s “5A” strategic principles of ransomware resilience:

  • ABCs. Get the basics right, such as timely patching, penetration testing and antivirus deployment. Robust oversight is vital to ensure that standards remain high and operations are continually optimized.
  • Avoidance. Utilize threat intelligence and filtering technologies to stop known ransomware from reaching your users or breaching your outer defenses.
  • Awareness. Teach employees to recognize phishing emails that may contain ransomware. Success in education requires engaging and customized training, and ensuring that employee performance is linked to a “sticks and carrots” approach.
  • Anomaly detection. Leverage behavior analytics to rapidly identify anomalies and detect ransomware. Deploy tools that continually evaluate the environment to baseline normal, so that they can identify anomalies and trigger defenses.
  • Armor. The last resort is using a containerization solutions that can prevent ransomware that successfully executes from compromising the host device.

The reality is that no IT defensive posture can offer a complete guarantee of security. However, DXC believes that expert application of the 5A principles can provide a “defense-in-depth” approach that will deliver resilience against not only ransomware, but all other advanced threats.

Chris Moyer is chief technology officer for Security at DXC Technology. He has spent more than 25 years building business and technology solutions for clients in several industries across multiple geographies. In previous roles, he has led solutioning, transformation projects and delivery assurance. He is also a member of the Institute of Electrical and Electronics Engineers. Connect with him on Twitter and LinkedIn.


Survey: Formal Education Leaves Software Developers Short on Security

Internet worms through the ages — from relatively low risk to highly destructive

Cyberattacks shut down more hospitals


  1. […] The next blog in this series will examine how to achieve resilience against ransomware with DXC’s 5A approach. […]

Speak Your Mind


This site uses Akismet to reduce spam. Learn how your comment data is processed.