Ransomware Attacks Are Surging. Is Your Cybersecurity Up to Date?

Time to reassess your cybersecurity strategies. Again.

Ransomware attacks on businesses have increased by one-third in the past year, according to a recent report by the Boston-based cybersecurity company Cybereason.  Most (73 percent of businesses) were hit by at least one ransomware attack in the last year, and 68 percent of businesses who paid a ransom were hit again in less than a month for a higher ransom, according to the survey, which polled 1,456 cybersecurity professionals at global companies with 700 or more employees. These attacks have big implications: 37 percent of companies were forced to lay off employees after paying ransoms, and 33 percent were forced to temporarily suspend business.

Since the invasion of Ukraine, cybersecurity experts have insisted businesses improve their lines of defense to protect against an increased risk of ransomware attacks from Russia. ​Ransomware attacks have also increased since the start of the pandemic–the rise of remote work increased vulnerability for many businesses, which hackers have taken advantage of, a 2020 FBI memo noted. So, enterprises of all sizes are at risk from many more points of attack.

Keeping your cybersecurity defenses up-to-date can help protect your business from a costly attack, but a combination of monitoring software and regular employee training is best. Here are a few steps you can take to shield your company.

Hackers are getting better at phishing emails, so it’s important to regularly train employees on cybersecurity best practices. Help them understand what to look out for, and create a culture where, if an employee does accidentally click a link that they shouldn’t have, they’ll have the confidence to flag their mistake as soon as possible. 

A good rule of thumb is to set aside 10 percent of your tech budget for cybersecurity, Jaya Baloo, chief information security officer at antivirus software maker Avast, has told Inc. Spending on cybersecurity and training is expensive–but when you compare the investment to the potential cost of a ransomware attack, the price is relative. As Cybereason’s report points out, ransomware attacks come with a bevy of costs, including lost revenue, cost of remediation, higher insurance premiums, regulatory fines, and legal fees.