On June 2, 2021, the White House issued a memo urging businesses to adopt a ransomware mitigation strategy to strengthen U.S. resilience to cyberattacks. The memo puts forth several actions businesses can take to mitigate the consequences of a ransomware attack.
In addition to mitigation efforts, companies benefit from guidance on how to prevent ransomware attacks in the first place. Ransomware mitigation requires a multi-layered approach that starts internally, with employees, to help establish security best practices. Bad actors can gain access through weak spots in IT infrastructure and vulnerabilities inadvertently created by employees doing everyday work online. Attackers are most likely to deploy ransomware through browser-based exploit kits, online advertising to spread malware, or phishing emails with malicious attachments or links.
Protecting your data and corporate network is both a technology challenge and a matter of changing human behavior, starting with safe password practices. Cybercriminals love weak passwords. In May 2021, hackers launched a major ransomware attack on Colonial Pipeline in the U.S., reportedly by accessing the company’s network through a single compromised password. The hackers disrupted oil operations in multiple states and cost Colonial Pipeline millions of dollars.
Employees constitute your front line of enterprise threat prevention. However, most elements of a multi-layered ransomware mitigation strategy are invisible to employees, because they are implemented through software and security policies deployed on the network. Encouraging employees to incorporate security into daily habits goes a long way toward helping them meet expectations and champion cybersecurity awareness companywide.
Basic cybersecurity training should include principles of safe password management. Strong, diligently managed passwords are a cornerstone of corporate security strategies. Multiple online accounts result in multiple passwords that can be easy to forget, which is why many people write them down. It’s convenient for employees to use the same strong password for a variety of different accounts or linked accounts, and sometimes sharing a password with coworkers or family is the easiest and fastest way to get an important task done in a timely fashion. The problem is that all of these unsafe password practices increase the risk of a hacker being able to access your corporate network.
Strong, well-cared-for passwords are a cornerstone of your security strategy. Your best defense in helping to ensure them is a robust, well-integrated password management solution. A password manager like Bitwarden empowers employees to take responsibility for personal credential security, thereby raising awareness of other cybersecurity threats and of the tools and best practices that help prevent them.
When employees see security as something they can control, they’re more apt to change other behaviors and reduce security risks, such as avoiding drive-by content on a website or malicious links in an email.
Cybersecurity awareness programs and training, emanating from the executive level down, are vital to developing a strong culture of security. Building on employee awareness by providing tools that empower employees to change security behaviors will strengthen your enterprise security posture and accelerate your ransomware mitigation strategy.
While a multi-layered ransomware prevention and mitigation strategy can include everything from web and email filters to intrusion detection software, packet sniffers and anything in between, it should also include a powerful password manager solution. When you give employees tools that support safe, consistent password practices, positive changes in security behavior often follow.