



You have the chance to save a lot of sadness to your clients this weekend of Workers’ Day.

According to both the FBI and cybersecurity and infrastructure security agencies, this Labor Day holiday is a high-risk period for ransomware attacks. Cyber ​​criminals show patterns of attacks during vacations when offices are closed.

Andrew J, CEO of L5L Solutions. Peden provides clients with some recommendations on how to protect their business. As he sees, the need to take precautions is serious.

He cites a Ponemon Institute study that states that if an organization can prevent these attacks, cost savings can average about $ 1.4 million per attack.

Peden warns that the amount is only part of the client’s potential problem. A successful ransomware attack can have the following consequences: It goes out of business for a few days, incurs the cost of recovering data, and incurs reputational costs both upstream and downstream because it was not a reliable supplier.

Peden has five steps on the client to prepare for a ransomware attack. But first, how vulnerable are clients to ransomware attacks?

Vulnerability

As Peden points out, many SMEs are particularly vulnerable. You may not have a dedicated IT team to focus on malware attacks.

He further states that in the case of ransomware attacks, 90% of them occur through endpoint vulnerabilities.

Unfortunately, endpoint vulnerabilities are everywhere. These include:

4 billion people connected to the internet. 40 billion devices connected to the internet. A hardware device connected to the Internet of Things. Each device can have as many as 65,000 entry ports for malware.

Peden recognizes that one of the most difficult aspects of ransomware attacks is its high degree of asymmetry. Malicious people or state actors only need to find one vulnerability to invade and cause havoc.

Peden recommends helping clients improve their risk IQ. His goal is that when an attack occurs, it is not the first day to deal with it. You planned, educated, trained, and trained.

He wants people to be familiar with the scenario so that he can push play and activate response plans in the event of an attack.

Here are his five steps to be more aware and better able to respond:

Define important assets. For example, if the client is in the energy sector, it is probably an industrial control system for a power plant. Define the threat. Perhaps the threat is permanent, such as nation-states and terrorists who are continually trying to hack into the system. Alternatively, a physical threat, such as an intruder, could pierce the client’s security officer into the throat and break inside. Assess the impact if your organization is at risk. Peden cites the May 7, 2021 Colonial Pipeline ransomware attack as an example. Cyber ​​attacks have affected computerized equipment colonials used to manage pipelines. For the colonial, it wasn’t just the cost of paying the ransom. The ransomware attack has become a national security issue as it has affected society as a whole and affected gasoline and jet buyers. Analyze current approaches to managing risk. Do employees across the enterprise, from the board of directors to entry-level employees, understand their role in protecting the organization? Since 90% of cyberattacks are related to human factors, is the organization training its employees not to open attachments? Do employees receive test emails to see if they are careless? Did the company research a technology that could catch an intrusion in seconds, as opposed to an average 24-day dwell time for attackers in the network before detection? Get ready to respond. Did the company plan for management not to think about it first when an attack occurs? Did they introduce technology, people and processes to respond immediately? Can they respond in seconds instead of hours?

Sources 1/ https://Google.com/ 2/ https://www.wealthmanagement.com/high-net-worth/five-steps-prepare-ransomware-labor-day-holiday

