Low entry barriers can really mess up a good gig. Any franchisee without territorial protection can tell you that. But so can entrepreneurs in many industries.
Ironically enough, this is becoming a problem for ransomware operators. Thanks to Ransomware-as-a-Service allowing anyone to get in on the action, dishonorable crooks with no intention of restoring access to data are creating distrust among victims that paying up will pay off.
The resulting picture is complicated for all parties, and the percentage of companies paying up has fallen. Still, this bad news for the ransomware sector isn’t necessarily good news for business victims, who are more likely to fall victim now than they have ever been. It just means they’re less likely to regain their data.
All of this points to the importance of establishing cyber resilience as a hedge against all forms of cybercrime—and other causes of disruption. But since ransomware keeps your clients awake at night, having a concrete list of steps in place can help you help them to reduce their exposure. And while every business has a potentially unique attack surface that might require some fine-tuning, there are some universal steps all companies can take right now that prepare them to weather an attack:
- Make security awareness training (SAT) mandatory: Cybercrooks have more success targeting humans these days than they do breaking in through networks and apps. Your clients can’t address today’s big threats—including ransomware—without fortifying their people with cyber hygiene and threat training.
- Deploy DNS protection: Protective DNS offers a potent, front-line defense that blocks malware and phishing domains, content filtering, etc. And solid protective DNS solutions are powered by world-class threat intelligence and help clients meet the NSA and CISA guidance on DNS-over-HTTPS.
- Protect endpoints: Protecting endpoints is the third essential component in security solutions that helps to defeat ransomware. Whether delivered through business endpoint protection (EPP) services or managed detection and response (MDR) solutions that incorporate endpoints, device-level protection is a must for today's organizations, particularly the proliferation of remote workers.
- Endpoint backup (and restoration): Backup (and restore) services are linchpins in establishing resilience against ransomware. If an endpoint device is compromised, the ability to follow the clearing of threats with the restoration of data is vital to weathering an attack without significantly disrupting operations.
Single-Provider Solutions Make All the Difference
Cyber resilience is all about speed and the ability to either avoid downtime altogether or recover fast enough that product or service output is not interrupted. In practice, that can only be accomplished when you can turn to a single provider that can address all these areas at once—and in the correct sequence—to restore services quickly and effectively. And it’s crucial from a customer response perspective for your MSP to be able to turn to a single provider partner you can rely on to help with all aspects of protection, backup and restoration. Ultimately, your reputation with your customers depends on your provider partner’s ability to resolve issues and make your MSP look good.