How to avoid a ransomware attack

Computer Security

Ransomware is a major security threat, three companies alone in 2017 identified $700 million worth of damage from recent attacks, and the global damage is assessed to be exponentially higher. Businesses recognize the severity of the threat, and now need to develop strategies to minimize their risk.

The first step is a thorough diagnosis of the security status of your organization today. Then, we can determine an improvement plan to deliver a future state that tailors investment to deliver risk reduction.

Here’s a checklist of DXC’s “5A” strategic principles of ransomware resilience:

  • ABCs. Get the basics right, such as timely patching, penetration testing and antivirus deployment. Robust oversight is vital to ensure that standards remain high and operations are continually optimized.
  • Avoidance. Utilize threat intelligence and filtering technologies to stop known ransomware from reaching your users or breaching your outer defenses.
  • Awareness. Teach employees to recognize phishing emails that may contain ransomware. Success in education requires engaging and customized training, and ensuring that employee performance is linked to a “sticks and carrots” approach.
  • Anomaly detection. Leverage behavior analytics to rapidly identify anomalies and detect ransomware. Deploy tools that continually evaluate the environment to baseline normal, so that they can identify anomalies and trigger defenses.
  • Armor. The last resort is using a containerization solutions that can prevent ransomware that successfully executes from compromising the host device.

The reality is that no IT defensive posture can offer a complete guarantee of security. However, DXC believes that expert application of the 5A principles can provide a “defense-in-depth” approach that will deliver resilience against not only ransomware, but all other advanced threats.


Chris Moyer is chief technology officer for Security at DXC Technology. He has spent more than 25 years building business and technology solutions for clients in several industries across multiple geographies. In previous roles, he has led solutioning, transformation projects and delivery assurance. He is also a member of the Institute of Electrical and Electronics Engineers. Connect with him on Twitter and LinkedIn.

RELATED LINKS

Survey: Formal Education Leaves Software Developers Short on Security

Internet worms through the ages — from relatively low risk to highly destructive

Cyberattacks shut down more hospitals

Trackbacks

  1. […] The next blog in this series will examine how to achieve resilience against ransomware with DXC’s 5A approach. […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: