CDSA

How to Avoid Five Common Ransomware Mistakes Explored in Wasabi Webinar

A company’s data is only as protected as that organization makes it. While having a cybersecurity strategy is imperative in today’s digital world, there are several mistakes companies typically make that leave them vulnerable and their data exposed to ransomware attacks and data loss, according to cybersecurity experts at Wasabi and Fractional CISO.

During the webinar “Before Ransomware Strikes – Avoid these 5 Common Mistakes” on Feb. 1, Rob Black, certified information systems security professional (CISSP) and managing principal of Fractional CISO, told viewers how to avoid making those common security mistakes and ensure their data security strategy is a strong one.

In addition to citing what he saw as the top five cybersecurity mistakes to avoid, he discussed how to assess a company’s current security strategy and how to leverage cloud storage as part of its data security strategy.

The webinar was hosted by Drew Schlussel, director of product marketing at Wasabi.

The Top Five Mistakes & How to Avoid Them

Black started Fractional CISO more than four years ago to provide mid-sized companies with cybersecurity leadership, he told viewers.

Large companies tend to have their own security teams that handle that role but smaller firms typically do not, he noted.

He wasted little time, jumping right into identifying the five most common mistakes made when trying to fight ransomware, each framed as the rule that avoids it:

  1. Always use multifactor authentication (MFA).
  2. Manage your own keys to “reduce your attack surface.”
  3. Follow the “rule of three.”
  4. Backups must be immutable.
  5. Practice makes automatic.

MFA involves “using something you know and something you have, like maybe an app on your phone, [and] coupling those two things together to protect your database backups and also any other sort of backup or any other key system,” Black explained.

“It’s a good idea for any administrative account to have MFA,” he said. Most of the time when he checks a company’s security, there are key systems that are not covered by MFA, he said, adding that most of the time when there has been an attack, MFA was not turned on.

Moving on to managing your own keys, he said: “Of course, you need to encrypt all of your data. But one of the challenges is someone else is controlling your keys. That’s not necessarily a good thing. So you need to manage your keys.”

The rule of three means keeping three copies of your data in persistent storage: “You need to persist” your data, “one of which is physically separate from the other two,” he explained.

Black strongly suggested that two copies of the same data not be stored in the same cloud provider’s system, just in case that cloud provider has some sort of an issue. He noted that, after an attack has happened, a cloud provider is more likely to prioritize a larger firm than a medium-sized one.

Beware Insurance Challenges

Also, “you must have immutable backups to be able to prevent ransomware from attacking those backups and causing mayhem in your organization when you try to do a restore,” Black said.

If you can’t prove that you are using immutable storage for backups, under the terms of new cybersecurity insurance plans, you could either lose your insurance or be forced to pay “extremely exorbitant” premiums, Schlussel warned. “So immutability helps you not only technically but also helps you financially,” he added.

Agreeing, Black said he has “seen a lot of challenges” with cybersecurity insurance over the past year and it has become harder to get or renew insurance plans as the companies are “raising the bar on the controls you need in place.”

“The insurance companies are probably most concerned about the ransomware just because it’s so disruptive and it’s so costly for them,” Black said, noting he has seen “a bunch of companies not be able to get a policy or not be able to up their policy, and that obviously can be a real challenge if you’re trying to mitigate risk in your business.”

On the need for practice, Black told viewers: “You’ve got to practice. Practice makes automatic. If we don’t do a backup and a restore and practice those things, we may have found we had some errors in our process on backup and that can be a big problem.”