Page 12 - PA_Enterprise_March_2022
P. 12

PAE






          Often, multiple conditions may be required for      system redundancy to ensure continuity. Don’t
          a ransomware attack to succeed. It doesn’t          assume that because your data is stored in
          only boil down to a lack of cybersecurity           the cloud it’s all immune from a ransomware
          systems and software.                               attack.

          Lagging policy updates, out of date software,       2. Don’t rely on anti-virus alone!
          a lack of training or education resulting in        Deploy a modern security MDR (Managed
          poor end-user vigilance – even a lapse in           Detection and Response) software solution
          concentration can result in success for the         such as SentinelOne. MDR software monitors
          hacker.
                                                              the behaviour of processes running on all

          The definition of success for the cybercriminal     endpoints, looking for any suspicious activity
          however is simply to gain access to a network,      that could indicate a security breach such as
          steal data and “hold it hostage” pending            a ransomware attack. It then blocks the attack
          payment of the ransom. The documented               and raises automated alerts.
          evidence of ransomware payments is,                 Artificial Intelligence such as SentinelOne’s
          however, scarce because so few companies            patented behavioural technology protects
          own up to it.
                                                              every endpoint through the threat lifecycle
          The key in all of this is that criminals target     including:
          what they perceive to be “the weakest link” in       Pre-execution: attack prevention
          the chain: the employees of the business –
          including those at executive level.                   On-execution: detecting and containing
                                                                threats
          How to protect against ransomware
          The number one rule in protecting against             Post-execution: visibility & response,
          ransomware and any other kind of cyberattack          remediation and rollback.
          is never to assume it won’t happen to you. In       SentinelOne can block many attacks
          fact, assume you will be targeted. Other key        automatically on its own. But for a complete
          measures include:
                                                              solution, human input may be required via
                                                              Security Operation Centres (SOCs) to:
          1. Back up your data

          A robust backup system for all systems –              Isolate an affected computer from the
          including email – is a core form of protection.       network while maintaining control of it
          If your data can be backed up and, crucially,         remotely
          restored effectively and efficiently, then you
          can be up and running again in a relatively           Suspend potentially compromised user
          short period – and critical operational               accounts
          processes can resume.                                Carry out detailed security investigations

          Depending on the size of your organisation,          Remove the suspected threat
          you’ll need a full back up plan and potentially





         12                                                                                        March 2022
   7   8   9   10   11   12   13   14   15   16   17