A proactive approach to address the ransomware menace
As South Africa enters total lock down – most of the country is operating from home offices. Media reports are indicating that cyber hackers are looking to exploit vulnerabilities in this difficult time in an attempt to steal valuable information.
Arcserve Southern Africa has announced the availability of the Arcserve Ransomware readiness assessment which enables businesses to measure their capabilities and chart a path to a ransomware-free future.
“Ransomware has become one of the largest business risks and serves as the most menacing threat to IT organisations. It’s reached epidemic proportions globally, with costs projected to reach $20 billion by 2021,” says Byron Horn-Botha, Arcserve Southern Africa Lead: Channel and Partnerships.
Information security management is an essential part of good IT governance, particularly with respect to protecting critical business and personal data from ransomware.
This assessment aims to assist businesses to quickly identify gaps in IT and chart a course for a ransomware-free future.
Ransomware-free capability maturity scorecard
Horn-Botha says the assessment is constructed around a scorecard that outlines the important areas that companies should be scrutinising within their businesses. “The scorecard describes a five-level evolutionary path of increasingly organised and systematically more mature processes. For each of the items in the ransomware-free framework, you can assess your organisation’s maturity score and consider your priorities.Mark the box that best fits your company profile.”
Horn-Botha says the five levels are outlined as follows:
- ACTIVELY MANAGE ACCESS – Are you effectively managing access and controls across systems portfolio?
- MANAGE SYSTEMS CONFIGURATION ACROSS ATTACK VECTORS – Have you developed a centralised management and end-to-end approach that addresses the full range of potential attacks?
- COMBINE DATA SECURITY AND DATA PROTECTION SOLUTIONS – Does your IT configuration deliver comprehensive endpoint protection, data availability and cybersecurity?
- ENGAGE USERS WITH TRAINING AND COMMUNICATIONS – Are you fully empowering your users with the practices they need to protect against ransomware threats?
- MAINTAIN AND TEST A BUSINESS CONTINUITY AND DISASTER RECOVERY PLAN – Are you capable of getting your applications and data recovered, and operational, in the event of a disaster?
“The assessment shows businesses where they should be restricting access to common ransomware entry points, such as personal email accounts and social networking websites. It also shows how web filtering may be used at the gateway and endpoint to block phishing attempts for users who are tricked into clicking on a link. This is an essential safety guide for companies who want to highlight possible vulnerability and put the necessary steps in place to prevent a breach ,” concludes Horn-Botha.