We need to convince people to proactively guard against ransomware. Ransomware has been a growing threat for a couple of years now. More than 4,000 ransomware attacks have occurred every day since the beginning of 2016, according to an FBI report. So, it was no surprise to find it in the headlines again recently. The WannaCry ransomware attack proved to be one of the most successful and widespread to date — it took a single day to infect more than 230,000 computers across more than 150 countries.WannaCry was able to spread so effectively because of a known vulnerability that Microsoft patched back in March. Organizations that fell victim had failed to patch, and many lacked basic security protections and working backups. Analyzing in the aftermath it’s clear that we have a problem. We already know exactly how to guard against ransomware, the problem is that many organizations aren’t doing it.Patching as a priorityWe understand that patching software in enterprise environments can be very difficult, particularly in organizations like the National Health Service in the UK, where availability and stability is crucial. Patches must be tested thoroughly in an environment where downtime could literally be the difference between life and death, but when resources are limited it’s easier said than done.Unfortunately, the only way to avoid future attacks on a similar or even larger scale is to ensure vulnerability patches are prioritized. If there’s going to be any deployment delay, then alternative action must be taken to mitigate the threat. Every organization needs to assess its vulnerability management and have a clear strategy for patching. Strengthen real-time defensesThere’s a gap between new variants of viruses or malware emerging and standard AV programs or anti-malware tools identifying them. Sometimes that gap is big enough to infect your system. That’s why you should consider endpoint security capable of recognizing and automatically blocking known malicious behaviors in real-time, before they’re able to gain a foothold.Security is a race and you need to stay ahead of the cybercriminals if you want to win. Real-time analysis is a key element here. User awareness isn’t enoughWe’ve discussed how cybersecurity is only as strong as your weakest link – your employees. Education is an important part of your security efforts. You should teach employees about the risks of clicking links or opening attachments, but that’s not enough — some phishing attacks are still going to be successful. And in some cases, as with WannaCry, the ransomware spreads without any user interaction.It’s smart to train people to recognize suspicious signs on their systems and report them, but it’s also well worth stirring user behavior analytics into the mix. Sniffing out suspicious anomalies in user actions can help your IT department to flag, curtail, and sometimes prevent breaches and attacks. Not all attacks come from external sources.For goodness sake, back up!Realizing that you don’t have a proper backup after an attack can be like realizing that you don’t have a parachute after jumping out of a plane. There’s no excuse for not having a proper backup plan in place. It should be regular, easy to access, and as complete as possible, but a backup alone isn’t going to make you invulnerable to ransomware.You will still have to disinfect your machines, report data breaches, and recover encrypted files. It’s important to keep a close eye on system operations and traffic, so you can distinguish data exfiltration or other misbehaviors from backup procedures.Update systemsLegacy systems and software are a big headache for many enterprises. The cost and potential disruption of upgrading can be too much to bear, but when providers announce the discontinuation of support, cutting off the supply of software updates bearing security fixes, then you must update your systems. Understand that if you don’t act, they are going to be unacceptably vulnerable to attack. If an update is impossible, at least close them off on their own networks and restrict traffic as much as you can.The best way to guard against ransomware like WannaCry is to take a proactive approach to security that includes vulnerability and patch management, strong protection technologies, and a healthy dose of common sense. Related content opinion Diversity in cybersecurity: Barriers and opportunities for women and minorities Increasing the numbers of women and minorities in cybersecurity isn't just good for the individuals involved, it's good for the practice of security. Here's a look at what's holding them back and what can be done about it. By Michelle Drolet Dec 23, 2021 5 mins Diversity and Inclusion Hiring Security opinion 6 steps for third-party cyber risk management If you have third-party partners, you need a third-party cyber risk management program. Here are six key steps to follow. By Michelle Drolet Sep 30, 2021 4 mins Risk Management Security Practices Security opinion 5 open source intrusion detection systems for SMBs If you don’t have a lot of budget at your disposal, these open-source intrusion detection tools are worth a look. By Michelle Drolet Nov 13, 2020 5 mins Intrusion Detection Software Security feature 6 steps to building a strong breach response plan Cybersecurity resilience depends on having a detailed, thorough, and tested breach response plan in place. Here's how to get started. By Michelle Drolet Oct 07, 2020 5 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe