Ransomware has been a growing threat for a couple of years now. More than 4,000 ransomware attacks have occurred every day since the beginning of 2016, according to an FBI report. So, it was no surprise to find it in the headlines again recently. The WannaCry ransomware attack proved to be one of the most successful and widespread to date -- it took a single day to infect more than 230,000 computers across more than 150 countries.

WannaCry was able to spread so effectively because of a known vulnerability that Microsoft patched back in March. Organizations that fell victim had failed to patch, and many lacked basic security protections and working backups. Analyzing the aftermath, it's clear that we have a problem. We already know exactly how to guard against ransomware; the problem is that many organizations aren't doing it.

Patching as a priority

We understand that patching software in enterprise environments can be very difficult, particularly in organizations like the National Health Service in the UK, where availability and stability are crucial. Patches must be tested thoroughly in an environment where downtime could literally be the difference between life and death, but when resources are limited it's easier said than done.

Unfortunately, the only way to avoid future attacks on a similar or even larger scale is to ensure vulnerability patches are prioritized. If there's going to be any deployment delay, then alternative action must be taken to mitigate the threat. Every organization needs to assess its vulnerability management and have a clear strategy for patching.

Strengthen real-time defenses

There's a gap between new variants of viruses or malware emerging and standard AV programs or anti-malware tools identifying them. Sometimes that gap is big enough for your system to be infected.
That's why you should consider endpoint security capable of recognizing and automatically blocking known malicious behaviors in real-time, before they're able to gain a foothold.

Security is a race and you need to stay ahead of the cybercriminals if you want to win. Real-time analysis is a key element here.

User awareness isn't enough

We've discussed how cybersecurity is only as strong as your weakest link – your employees. Education is an important part of your security efforts. You should teach employees about the risks of clicking links or opening attachments, but that's not enough -- some phishing attacks are still going to be successful. And in some cases, as with WannaCry, the ransomware spreads without any user interaction.

It's smart to train people to recognize suspicious signs on their systems and report them, but it's also well worth stirring user behavior analytics into the mix. Sniffing out suspicious anomalies in user actions can help your IT department to flag, curtail, and sometimes prevent breaches and attacks. Not all attacks come from external sources.

For goodness sake, back up!

Realizing that you don't have a proper backup after an attack can be like realizing that you don't have a parachute after jumping out of a plane. There's no excuse for not having a proper backup plan in place. It should be regular, easy to access, and as complete as possible, but a backup alone isn't going to make you invulnerable to ransomware.

You will still have to disinfect your machines, report data breaches, and recover encrypted files. It's important to keep a close eye on system operations and traffic, so you can distinguish data exfiltration or other misbehaviors from backup procedures.

Update systems

Legacy systems and software are a big headache for many enterprises.
The cost and potential disruption of upgrading can be too much to bear, but when providers announce the discontinuation of support, cutting off the supply of software updates bearing security fixes, then you must update your systems. Understand that if you don't act, they are going to be unacceptably vulnerable to attack. If an update is impossible, at least close them off on their own networks and restrict traffic as much as you can.

The best way to guard against ransomware like WannaCry is to take a proactive approach to security that includes vulnerability and patch management, strong protection technologies, and a healthy dose of common sense.
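
The backup section's advice to distinguish data exfiltration from backup procedures, shown as an added example that is not part of the original article: a Python check that compares bulk outbound flows against a declared backup policy. The policy values, addresses, thresholds, and flow records are all constructed assumptions.

```python
from datetime import datetime, time

# Assumed policy (hypothetical values): where bulk backup data may go, and when.
BACKUP_POLICY = {
    "destinations": {"10.0.9.10"},       # backup server address (constructed)
    "window": (time(1, 0), time(4, 0)),  # nightly window, does not cross midnight
    "max_bytes": 50 * 1024**3,           # largest plausible single backup transfer
}
BULK_THRESHOLD = 500 * 1024**2           # smaller flows are not treated as bulk

# Constructed flow records: timestamp, source, destination, bytes sent.
SAMPLE_FLOWS = """\
2017-05-15T01:12:00 10.0.1.21 10.0.9.10 8589934592
2017-05-15T02:40:00 10.0.1.22 10.0.9.10 7516192768
2017-05-15T03:05:00 10.0.1.23 203.0.113.50 2147483648
2017-05-15T14:30:00 10.0.1.21 10.0.9.10 6442450944
2017-05-15T02:10:00 10.0.1.24 10.0.9.10 64424509440
2017-05-15T09:00:00 10.0.1.25 198.51.100.7 1048576
"""

def parse_flows(text):
    """Turn whitespace-separated flow lines into (datetime, src, dst, bytes) tuples."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, nbytes = line.split()
        flows.append((datetime.fromisoformat(ts), src, dst, int(nbytes)))
    return flows

def classify(flow, policy=BACKUP_POLICY):
    """Return 'ignore', 'backup', or 'review:<reasons>' for one flow."""
    ts, _src, dst, nbytes = flow
    if nbytes < BULK_THRESHOLD:
        return "ignore"
    reasons = []
    if dst not in policy["destinations"]:
        reasons.append("unknown-destination")
    start, end = policy["window"]
    if not start <= ts.time() < end:
        reasons.append("outside-window")
    if nbytes > policy["max_bytes"]:
        reasons.append("oversized")
    return "review:" + ",".join(reasons) if reasons else "backup"

def triage(text):
    """Classify every flow and return (source, verdict) pairs needing attention."""
    results = [(f[1], classify(f)) for f in parse_flows(text)]
    return [(src, v) for src, v in results if v.startswith("review")]
```

A bulk transfer to the backup server still gets flagged when it happens outside the window or exceeds the size ceiling, which is the case a destination allowlist alone would miss.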