Disaster Recovery Journal Summer 2023

Every year, records are broken on the number of attacks and economic losses generated by ransomware, with effects that can be truly catastrophic and possibly put the survival of organizations at risk. “

Best Practices To protect themselves, companies should implement the following best practices: 1. Adopt and adapt to your organization a cybersecurity framework which allows you to follow the best practices and international standards for preparing, protecting, monitoring, containing, and recovering from cyberattacks and their consequences such as those caused by ransomware. We mainly highlight the NIST Cybersecurity Framework, NIST 800, NIST 8374, ISO 27001 and ISO 27002, SOC2, NERC-CIP, HIPAA, GDPR, FISMA. PCI-DSS, COBIT, and COSO. 2. Back up your data regularly and periodically depending on your business . Having a strong backup system is crucial in the event of a ransomware attack. This will allow you to restore your files from a clean copy without having to pay the ransom. Be sure to store your backups on isolated devices and environments or in a secure cloud so attackers can’t access them. 3. Keep your software updated . Regular

Businesses can greatly reduce the risk of fall ing victim to a ransomware attack by following these best practices. Remember, being prepared is the best way to protect your business from the devastating effects of ransomware. Tools In order to be prepared, there are several tools which companies can use to evaluate their capac ity to prevent a ransomware attack, including: 1. Security audits and assessments , such as ethical hacking tests and vulnerability scans, can help identify security weaknesses and vulnerabilities in a company’s systems and processes and provide recommendations for improving security. 2. Penetration tests : These are simulated attacks on a company’s systems, designed to test their ability to detect and defend against malicious activity. 3. Protection tools : Have antivirus; antimalware and protection tools; and application, network, and device monitoring tools; be sure to implement and update them permanently. 4. Risk assessment tools : These tools can help companies identify the risks they face and prioritize their efforts to address them. 5. Employee training and education programs :

installation of security updates and patches is essential to protect against ransomware. These updates often include fixes to protect against vulnerabilities which attackers can exploit, so it’s important to stay up to date. 4. Educate and raise awareness among your employees . Your employees are your first line of defense against ransomware attacks. Be sure to educate them on the dangers of ransomware and the steps they can take to protect themselves and their business. This can include things such as avoiding suspicious emails and websites and not clicking on links or downloading attachments from unknown sources. 5. Have a plan in place . In the event of a ransomware attack, it’s important to have a plan in place to respond quickly and effectively. This may include having a dedicated team to handle the incident, as well as a clear plan to restore your systems and data. 6. Use a “Zero Trust” model with secure access controls and privilege restriction for everyone and everything, except those to whom it is explicitly granted, only if required. 7. Achieve alliances and maintain collaborative actions with cybersecurity entities and experts to allow the organization to be updated and prepared for new forms of attack. 8. Use reliable security tools like appliance and specialized software . These monitoring and defense elements can help prevent ransomware attacks by detecting and blocking malicious software. Make sure you choose a reliable antivirus program and keep it up to date.

These programs can help employees understand the risks associated with ransomware and the necessary steps to protect themselves and the company. 6. Security incident response plans : Having a clear plan in place for responding to a ransomware attack can help companies to minimize the impact and recover more quickly. Conclusion You should not wait until your organization is actually attacked. The generation of actions, such as those proposed here, will favor the permanence and survival of your company. The ransom pay ment is not a solution, especially since it does not guarantee the reactivation and return to normality of your operations, nor does it ensure the consequences and impacts of the attack stop, much less future attacks. By implementing and using these recommendations and apply ing these tools, companies can better understand their exposure to attacks, learn about their vulnerability, and develop strategies to protect themselves, and deal with ransomware attack situations. v German Vargas is the leader of corporate risk management at Claro Colombia. He has more than 20 years of business continuity, risk manage ment, and compliance experience across several organizations. He is vice president and founder of Continuam Colombia. In addition, he writes papers for Latin American newspapers and magazines specializing in technology, “

management, risk, and cybersecurity.

DISASTER RECOVERY JOURNAL | SUMMER 2023 31