Ransomware – three options

Ransomware is a fact of life, right? Sooner or later, a member of staff is going to click a malicious link or visit a dodgy website, and a ransomware product will download and install itself.

There are three ways you can deal with the ransomware threat:

  1. Pay the ransom. One Connecticut city just did what many other organisations (including some in the NHS) have done, and paid the ransom in order to get systems working again. However, evidence suggests that those who pay ransoms are more likely to be targeted again.
  2. Rebuild affected systems and databases. A North Carolina water authority has announced it’s doing exactly that, because it doesn’t want to give in to blackmail. However, this isn’t a cheap option, nor one that supports the smooth running of the organisation’s core operations.
  3. Train your staff, build and test your incident response capability, and segment your network so that ransomware can be contained. In both the short and long run, this tends to be the most practical and cost-effective approach – it’s a matter of assessing the risk in advance and putting in place controls appropriate for that risk.

ISO/IEC 27001 certification demonstrates to customers and other stakeholders that you’ve taken appropriate steps to deal with ransomware and other threats.