Join us for our installment of the Pacesetters Doing Business series featuring Boston Planning and Development Agency on December 7, 2023.
12/07/2023
3:00pm - 4:00pm
Virtual
Jenny Holaday will share her journey into leadership as President of Encore Boston Harbor and first woman to run a casino in Massachusetts.
12/13/2023
2:00pm - 4:00pm
Encore Boston Harbor
Step into Winter Wonderland at our BIMA Holiday Gala. Gather your digital media and marketing peers for a night of networking and entertainment.
12/14/2023
6:30pm - 9:30pm
InterContinental Boston
Designed for mid-level managers and supervisors, this new certificate program addresses workplace well-being through unique, innovative, and actionable methods.
Join our Transformational DEI Certificate! Our comprehensive learning & development offerings are designed to connect and grow strong leaders who lead both inside and out of the office.
Our Women’s Leadership Program enables you to take your leadership to the next level by arming you with the most in-demand leadership toolkit.
Our Boston’s Future Leaders (BFL) program provides emerging leaders with a socially conscious and civically engaged leadership toolkit, as well as the opportunity to apply their knowledge through experiential assignments.
City Awake empowers young professionals in a variety of ways that encourages these rising leaders to stay invested in the region’s future success.
We are developing an ecosystem of corporations and partners with the influence and buying power to transform economic inclusion for minority business enterprises (MBEs).
The Fierce Urgency of Now Festival brings Boston’s diverse young professionals together with business leaders, organizations and their peers to build connection, advance careers and ignite positive change.
09/12/2023 -
09/16/2023
Greater Boston
BIMA (the Boston Interactive Media Association) serves a vibrant community of like-minded professionals from agencies, brands, publishers, and ad-tech companies with business interests in the New England market.
For nearly 30 years, the Chamber’s Women’s Network has connected female professionals of all background and career levels. Today, our Women’s Network is the largest in New England, strengthening the professional networks of women each year.
The Massachusetts Apprentice Network convenes employers, training providers, and talent sources interested in developing and implementing apprenticeship programs in occupations across industries and statewide in fields such as tech, advanced manufacturing, healthcare, financial services, and more.
We support small business through public policy initiatives, events designed to connect small businesses in Greater Boston to their peers and established business leaders, professional development offerings, and free small business advising.
Explore our mission and values to better understand how we are leading the business community forward.
Our member directory is your resource to discover, connect, and engage with Boston’s businesses from every industry and sector.
Ransomware is a type of malware, or malicious software that encrypts a victim’s files and demands a ransom be paid in order to decrypt them. It’s a growing problem for both individuals and businesses, as the sophistication and reach of ransomware attacks continues to increase. If you’re not familiar with ransomware, this article will give you a quick rundown of what you need to know. I’ll also cover the basics of how to protect your company from ransomware, and what to do if you are hit by an attack.
According to the 2022 Verizon Data Breach Investigations Report, ransomware attacks rose 13% in 2022- more than the last five years combined – and accounted for 25% of all cyber-attacks. It’s important to remember, ransomware by itself is really just a model of monetizing an organization’s access. Ransomware was listed as the third most common attack vector, not far behind the use of stolen credentials and “other” types of attacks not caused by phishing or exploiting vulnerabilities.
Additionally, ransomware accounted for almost 70% of all malware breaches in 2022, resulting in an inability to access company data and jeopardizing an organization’s overall cybersecurity. It is not uncommon for the data of those affected by the ransomware to be sold on the black market, prior to the ransomware payment. Additionally, there is a growing trend for companies to choose not to pay attackers, and instead recover their data from backups. To counter that tactic, the attackers often are deploying Distributed Denial of Service (DDoS) attacks along with ransomware. This strategy overwhelms network resources, rendering them incapable of serving their intended users. Victim companies are unable to conduct business, even if they have viable backup data.
In short, yes. You may be surprised to learn that all companies are targets, regardless of their size. Attackers often identify targets based on the company or organization that will secure the greatest “reward,” or financial impact. That might mean a single, massive attack on a natural gas pipeline, such as the Colonial pipeline incident, or many attacks spread across dozens of smaller organizations. The rise of Ransomware as a Service (RaaS) on the dark web, where the ransomware companies will go as far as setting up a call center to assist with ransomware deployments, does not help the issue.
The reality is that any business with a working email address can be affected by ransomware. This is a question of when, not if. Companies need to have procedures in place that allow them to pivot quickly from “we’ve been threatened” to an effective response plan.
You may think, if large companies like Colonial Pipeline, Apple, or Kaseya with their substantial security budgets are affected by ransomware, my small or medium size business doesn’t stand a chance. Not exactly!
You can take several steps to be more prepared to respond to, or even avoid, ransomware attacks. Below, I have outlined a few of the steps you should consider to respond to a ransomware attack.
Your company should have an enterprise ransomware policy in its incident management program that defines the actions to be taken in the event of a ransomware attack. This policy should be approved by the board of directors or equivalent management body at your company. A ransomware-specific incident response playbook should always include the following:
Alternatively, if your company has hired or partnered with a third-party vendor to manage your incident response plan, ensure they have created a well-defined playbook and have shared it with your team in advance.
While performing annual risk assessments, companies should include the probability and potential impact of a ransomware event, based on real-world scenarios, from their respective industries and company size. Considering ransomware as a risk scenario will allow you to determine the potential impact of refusing payment, and your ability to restore or rebuild from data backups.
Protecting information relies heavily on asset inventory, data classification, and defined data flows. Without knowing what data resides or traverses which systems on your networks, the company will not be able to design adequate controls to protect classified data.
Companies should have approved and implemented Vulnerability and Patch Management Policies to identify, assess, track, and remediate vulnerabilities affecting all data within the enterprise. A good asset inventory will make this job much easier. Having a Software Bill of Materials (SBOM) for each critical application used to operate your business is an added advantage that will set you apart from the competition and enhance the vulnerability remediation process.
Multi-Factor Authentication (MFA) is a common control, that, if implemented properly, can reduce the risk of a ransomware incident. However, recent breaches at several high-profile companies, including Cisco, happened because of MFA fatigue. In this and many other incidents, attackers exploited the human factor and sent repeated MFA push requests, hoping at least one would be approved by the user. When users allow connections that they did not originate, attackers gain access to the enterprise systems.
User education, combined with proper configuration of security controls and settings, can help prevent such incidents.
Most companies have already implemented data backups, but it is also imperative to regularly test to evaluate if backups are sufficient to recover your systems on time. It is equally important to make sure backups are segregated from other normal networks, to protect them from attackers.
Security awareness training plays a big part in your company’s ability to prevent a ransomware attack. Providing regular training, where users learn how to spot, avoid, and report phishing attempts, can reduce the risk of an incident. It is also essential to conduct periodic phishing exercises to make sure employees recognize phishing attempts and report them to appropriate parties.
A ransomware readiness assessment can help identify gaps in the controls, processes, or procedures that make a company vulnerable to a ransomware attack or would hinder their response. Companies can conduct ransomware readiness assessments using internal staff or a trusted partner or choose a hybrid model where they hire a vendor, and utilize their internal team to interact with the third-party vendor to leverage the best knowledge and experience on both sides.
You have the power to respond—not react—to the attack!
Cybersecurity Manager,
Baker Newman Noyes
Popular Resources