ransomware: are you prepared to protect your data?€¦ · 15-10-2019 · ransomware: are you...
TRANSCRIPT
Ransomware: Are You Prepared to Protect Your Data?
Agenda
• Welcome and Introductions – Chris Riley
• Scott Rippey – System Source Solutions Architect
• Please complete evaluations• Enjoy your pizza!
• Sh
• Sh
Audio – In presentation mode until end
Control Panel
View webinar in full screen mode
Feel Free to submit written questions
Open Q & A at the end
(please raise your hand & we will unmute your
line)
Survey at conclusion of webinar
During the Webinar…
We Hope You are
Enjoying Your
Pizza!!
Please double check with your receptionist
then contact Mike Jones:
[email protected] We will research and replace with an e-card
(We are recording the webinar – so don’t think twice about stepping away
for a few minutes to go pick it up at your front desk!)
System Source is a regional systems integratorWe have the people, processes and tools to help clients improve, maintain and acquire IT and Audio-Visual systems.
• We help IMPROVE IT operations. Clients ask us to train their staff for more productivity or rent our classrooms for private classes.
• We design PRESENTATION rooms including collaborative conference and classrooms.
• IMPROVING IT often requires top CONSULTANTS.
What is it?Cyber Extortion
Uses strong encryption
Plenty of Variants – increase the odds
Payment via Bitcoin
Eight common attack vectors (Source: CRN)
Backups as a target
“Stealer” and “Downloader” malware
Databases more vulnerable due to spear phishing
Lower hanging fruit – small companies
Ransomware-as-a-service
Visit link at end for others
Important statistics – this is serious stuff
34% of businesses hit with malware took a week or more to regain access to their data. (Source: Kaspersky)
75% of companies infected with ransomware were running up-to-date endpoint protection. (Source: Sophos)
50% of a surveyed 582 cybersecurity professionals do not believe their organization is prepared to repel a ransomware attack. (Source: Pwnie Express)
So, what can you do about it?
Since most attacks come via email, end-user education is Job 1
Humans are curious, and sometimes easily tricked
In-house phishing campaigns using tools like KnowBe4 and Phishline help train users what NOT to click
With so much on the line, this training is no longer a nice-to-have – it’s essential
Tools like Barracuda’s Sentinel to address spear phishing
70% of businesses paid the ransom (Source: IBM)
You MIGHT get the key to get your data back
You MIGHT pay and get nothing in return
You WILL be noted as a paying customer
You WON’T know for sure if the infection is removed
Clearly preferable: you are driving the bus
You WILL get your data back
You WILL pay no ransom
You WILL be in control, not the hackers
You WILL know the infection is removed
How can this be done quickly, efficiently and cost-effectively?
Have you tested a major recovery?
Daily backups should be a no-brainer
Have you tested a major restore to understand the effectiveness and recovery time required?
Have you evaluated “real” RPO’s and RTO’s against the business requirements?
Are you following best practices, i.e. 3-2-1?
Easy is good; complicated is bad.
Limited staff – Barracuda BackupWhy? Simple, All-in-One, great support
VeeamWhy? Industry leader, innovation, friendly licensing model
Case Study: Local furniture manufacturing company
More valuable than a backup?
Snapshots are offline unless someone manually brings them online – EXACTLY WHAT YOU WANT
Can easily have multiple copies throughout the day
Typically are instantaneous, unlike backups
Easy to replicate offsite
You likely have a SAN already capable of efficient snapshots. Turn them on!
HPE/Nimble SAN Why? Since 2011, one of the most highly efficient
Your SANWhy? Effective tool you can use RIGHT NOW!
Case Study: Local refrigerated delivery company
When Business Continuity is crucial
Restores from backup take time
Recovery measured in minutes
Multiple restore points
Not a replacement for backup
Again, easy is good; complicated is bad
System Source’s Virtual Data Protection (VDP) Why? Proven, cost-effective
Veeam Cloud-Connect PartnerWhy? Complete data-protection strategy, industry leader
Case Study: Local Town Municipality
Attacks will continue to escalateArtificial Intelligence is enabling harder-to-detect attacks
Assume “when you are targeted,” not “if you are targeted”
Build confidence you can recover through best practices and testing
Schedule a free Ransomware Prevention & Recovery Readiness Briefing with System Source
Evaluate Ransomware Prevention Tools: Phishline & KnowBe4
Sign up for free Email Threat Scan for Office 365
Reference Link for 8 Types of Ransomware Attacks
https://www.crn.com/slide-shows/security/8-types-of-ransomware-attacks-you-need-to-know-about/1
Questions?
Thank you for attending today!