Ransomware: Securing Your First & Last Lines of Defence

An article sponsored by RICHO in the February 2022 issue of FEI Canada Finance and Accounting Review says that ransomware is a rapidly growing threat for Canadian businesses, with devastating impact. “It is insidious, quietly penetrating an organization’s network to halt business-critical operations or threaten to release sensitive information in exchange for currency, causing downtime, reputational harm, and money.”

Since the onset of the pandemic, when more businesses moved to more vulnerable remote and hybrid models, the problem exploded: more than 235 ransomware attacks were reported in Canada in 2021.

Ransomware is rapidly becoming a question of when, not if, which is why a multi-layered approach will provide the strongest protection. “Security management for a hybrid workforce requires rigorous end-to-end management and monitoring from experienced IT professionals. Your first line of defence is your endpoints – workers and their devices.”

According to the article, remote device management, anti-malware protection and two-factor authentication are critical elements of a secure first line. “However, from phishing emails to unsecured Wi-Fi, there are myriad ways employees can unwittingly open the gates to ransomware. This should be addressed with regular cybersecurity awareness training and established security best practices.”

Managing the first line of defence for a hybrid workforce is complex, the article says, “putting great demand on the IT team, which can lead to small cracks in the defence. We recommend running an IT Health Check to ensure this doesn’t happen.”

Ransomware is often highly sophisticated and very sneaky: according to IBM, in 2020 it took companies an average of 228 days to detect a breach. Some strains of ransomware can even disable your antivirus, compromising your first line of defence.

So, what happens if ransomware bypasses the endpoint protections in your first line of defence? Find out at E-Newsletters | FEI Canada.