The Importance of Establishing a Sustainable and Repeatable Process for Responding to Cyberattacks

September 13, 2017  By Moshe Binyamin

This content originally appeared on Continuum.

Doing the work with your internal team now to ensure you have a sustainable and repeatable process for mitigating and addressing cyberattacks, can help you build stronger relationships with your clients. When they know they can count on a team of experts to help them in an IT crisis, like a ransomware attack, you have the advantage. 

Here are 3 questions you need to ask to start the process of putting an effective plan in place:

  1. Does anyone on the team have real world ransomware knowledge and expertise?
  2. How many team members completed the appropriate training and know how to address a ransomware attack?
  3. How much time does it typically take for our technicians to remediate ransomware infections and get clients’ staff up and running again?

Answering these 3 questions honestly will help you see where you have gaps to fill and give you the motivation to get your team trained and provide them with the resources they need to successfully help clients navigate cyberattacks now and in the future. 

Training is key: Establish and test for a level of expertise you expect your team to display. This will typically include, infection detection methods, quarantine policies, system and application recovery order just to name a few. Once training is complete, it’s time to focus on prevention. This is where you will want to put in place a multi-layered defensive technology approach to help clients minimize infections and have the option to recover from data breaches quickly and effectively. 

Here are some of the critical things you need to do to create a sustainable, repeatable process.  

  • Patching: With the latest patches, you can close OS security vulnerabilities.
  • Anti-Virus and Network Monitoring (NIDS): Keeping virus definition files current is critical to ensuring systems are running at peak performance.
  • Backup and Disaster Recovery: Doing a full-system backup protects back-office systems when an attack occurs and provides a recovery option for unknown threats and even the most catastrophic failures. 
  • Endpoint Backup: Although there’s a layer of protection on back-office systems, many knowledge workers are mobile and create data on the go. Therefore, you still need to have backup and support for laptops, desktops and even smartphones and tablets.
  • Education and Awareness: Educate clients and their employees about cybersecurity risks, new ransomware strains and best practices for spotting phishing attempts, suspicious emails and other security risks. 
To learn more, please download the eBook: 6 Ways to Shield Clients from Ransomware. Find it here

Moshe Binyamin
Senior Director, Market Management, Autotask

Moshe is responsible for the product line direction of Autotask Workplace and Autotask Endpoint Backup. He sets the market strategy and coordinates all design and development details to ensure delivery of world class solutions.

Prior to Autotask, Moshe spent 15 years at MapInfo Corporation (sold to Pitney Bowes in 2007) where he held engineering and management positions and directed the market and revenue strategy for the company’s global flagship product.

Moshe holds an Applied Science degree in Laser Electro Optics and received his Computer Science training from the IDF (Israeli Armed Forces). He is also a graduate of the prestigious Vista Equity Partner’s High Potential Leadership Program (HPLP).

Follow @Autotask Tweets