How to Protect Your Company from a Ransomware Attack

Posted on August 25, 2020 - by Darren Gallop - in Building Your InfoSec Program


Do you have a strategy to protect your data from ransomware? If not, you need to develop one today. Ransomware can (and does!) wreak havoc on companies by locking up all of the data you need to operate. Imagine all of your customer records, purchase histories, vendor information, data analytics, etc., locked up and held hostage unless you pay up.

Here are four things you can do to minimize the chances of your organization falling prey to these often-damaging attacks.

4 Tips to Protect Your Data from Ransomware in 2020

Ransomware is alive and well in 2020, even though it’s a tactic that’s over 30 years old. Verizon’s 2020 Data Breach Investigations Report noted that ransomware constituted 27 percent of all malicious attacks in the previous 12 months. Here’s how you can fight ransomware.

1. Educate Your Employees on the Dangers of Links

Ransomware is most commonly spread through suspicious links in emails or downloads from untrusted sources. Once on the computer, the code scans it for credentials or data, which it then encrypts and holds for ransom. Even if you pay the ransom, there’s no guarantee that you’ll get your data back – at least 17 percent of companies pay and get nothing back.

The good news? All of this is easily avoided if your employees are savvy about links. You can help them out by doing the following:

  • Establish an email security policy that is clear on links you can click and links you should NOT click.
  • Disallow downloading or software installation on company devices (via user permissions).
  • Train employees on ransomware and phishing. Be sure to provide examples.
  • Have your employees do phishing simulations. You can start with a planned exercise using a free tool like Google’s phishing quiz, but phishing simulation software designed for ongoing training and education (such as that offered by Symbol Security) gives you data so you know where your employees are most vulnerable.

2. Keep Your Systems and Antivirus Up to Date

Updated antivirus and anti-malware software represent your front line of defense against threats like ransomware. Both types of software have access to large libraries of known threats that are being constantly updated. By keeping things on your end up to date, you’ll not only keep your systems safe but also help contribute to those libraries.

3. Have Procedures in Place for Suspicious Emails or Network Activity

Did you know that around 1 in 99 emails is a phishing attack? Spam filters catch some of those, but what will your employees do when a phishing email lands in their inbox? Your ultra-efficient, multitasking workers are a target because hackers expect them to be distracted, busy, and stressed. 

Create a way for your employees to quickly and easily report suspicious emails or network activity that they might spot. Not only will this allow you to compile your own database of threats, but it will also help you spot threats much more quickly.

4. Back Up Your Data

Keeping your data backed up is one of the best ways to protect data from ransomware threats. Services such as cloud storage are secure and convenient. But security best practice is to always have more than one backup, and not just in the cloud. You can read more about keeping local backups here.

Take Command of Your Cybersecurity Strategy with Securicy

Having a detailed game plan for dealing with ransomware is crucial to settling fears of a breach for you, your company, your investors, and your potential customers. A comprehensive cybersecurity strategy will put your company in a position to close those larger enterprise deals, without security issues standing in your way.


Get custom information security policies generated for your business in minutes. Securicy guides you through creating, implementing, and managing your cybersecurity plan.


About the author

Darren Gallop is a tech entrepreneur, information security expert, Techstars alumnus, board member, and the CEO of Securicy. He co-founded Securicy and led the team to develop a SaaS product that guides businesses through creating, implementing, and managing their information security and privacy compliance program. Gallop previously co-founded Marcato and was CEO there for 10 years, until the successful event management software company was acquired by Patron Technology. He is fluent in English and French, and adept in Spanish. Gallop spends much of his non-work time traveling or engaging in the outdoors: swimming, fly fishing, canoeing, camping, and surfing (basically in that order). He is from Nova Scotia, Canada.