The Year of Ransomware: A Look Back at  Cyber Security 2016 Previous item Comstor Webinar: Learn... Next item Looking Back at 2016...

The biggest cyber issue for companies across the United States in 2016 was ransomware, according to Bryant G. Tow, managing partner of CyberRisk Solutions., in a recent “look back at 2016” interview with EDGE360.

Tow said ransomware attacks have become highly sophisticated and that companies infected with ransomware have lost thousands upon thousands of dollars paying to get their data back from cyber attackers. And getting the data back isn’t guaranteed, even if they do pay. He has seen at least one business completely lost because of a ransomware attack.

During our podcast interview, Tow said a few businesses have even begun allocating budget dollars specifically for paying ransom for data being held hostage by attackers.

“What we’ve started to see is that they’ll [attackers] take some of the less important things to the business and tell you, ‘If you don’t pay us within 24 hours, we’ll take this one,’” Tow said. “Then you have 72 hours until they take a certain database or four days before they take you offline.”

Today’s attackers are so sophisticated that even if a company develops a block to a specific attack, a new variant will pop up within 24 to 48 hours. Ransomware and other phishing attacks make it through a company’s security perimeter in email, but employees do need to be able to communicate.

“This is a people issue. Your people need to be trained and re-trained on how to prevent a phishing attack,” he said. “For years, we have had great defense technologies with good solid backups, testing those backups and making sure your incident response plans are in place so when a malware attack does strike, it’s an eye roll instead of a panic moment.”

By preparing all areas of the Ring of Security – People, Processes, Technology and Facilities – your business can respond to a ransomware attack with “’Okay, well, this happened. We’re prepared for it, we know that we have our flash back ups here, and we can burn these machines down,’” Tow said. “We know exactly what we need to do in order to solve that problem, and it becomes a couple hours of inconvenience instead of several days’ worth of panic. You have a controlled explosion instead of a complete annihilation of all the technology in this business.”

Hear more from Tow about the Ring of Security and how a company can protect itself in his look back at 2016 podcast below.