Some companies can decrypt it themselves. Once you are a hostage, the key is to move off to where the kidnappers aren’t.

“It really is about having a layered defense, a true architectural, integrative approach, and working together with those in your company,” Temske said.


By having a holistic approach to security, company IT staff and leaders will know that things are in place in case you are attacked. The time to plan isn’t when you are under attack. You want to have documented procedures in place before anything happens.

Five steps to ward off an attack and recover from one:

• Focus on modern, next-generation anti-malware and firewall solutions that can stop the attack before it starts.


• Automate your defenses and your response, because today’s threats are automated, That means that human intervention is not fast enough.


• Be able to compartmentalize data using network micro-segmentation strategies, because once malware enters your network, it will spread fast. But it’s difficult for malware to spread laterally when you compartmentalize it.


• Create a plan for when, not if, you are attacked. Be certain you are backed up on your network, and test it, and your restore process. A backup is only good if the information can actually be restored when you need it. Also, do you have an uncorrupted source form which you can immediately recover?


• Decide on a pay or no-pay policy. How much damage will be done if you decide not to pay? “The time to make that decision is not when it's happening,” Temske said. “Take the emotion and adrenaline out of the equation. Plus, we have found that in most cases you can negotiate your ransom. [Some] have been able to reduce the ransom by a decent amount, but don’t miss an imposed deadline.”

Back to HCB News

Risk Management Homepage