Currently, cyberamezas and attacks continue to increase, with ransomware and email attacks as two of the main concerns for organizations. According to the last Acronis report on cyberamezas, In the second half of 2024 cyberattacks made through email increased 197% interannual. Ransomware attacks linked to persistent threats advanced They also evolved, apart from being increasingly sophisticated.
The situation is also complicated by the use of the generative the tools used by cybercriminals to increase the efficiency of their attacks. Therefore, it is increasingly important to take designed measures to ensure that organizations’ systems and infrastructure are more efficient, such as these twelve that Acronis proposes.
- Installation of antimalware systems with AI
The implementation of antimalware systems that use artificial intelligence to improve detection allows you to identify threats through anomalous behaviors.
In this way, organizations can quickly contain attacks, in addition to receiving valuable information about their action mechanisms. In addition, these systems are responsible in many cases of investigating vulnerabilities present in the systems, with the aim of preventing incidents.
- Take care of email and filter the URLs
Electronic emails remain the main attack vector: last July and December, almost half of email users suffered at least one phishing attempt. Strengthening mail security and using URLs filtering can prevent an important part of Phishing attempts.
- Use Protection and prevention tools against data loss
Having data loss prevention tools (DLP) helps supervise and block suspicious activities. This also helps improve visibility on confidential data movements.
- Reduce network exposure to connections from outside and interior
Limit access to the network through VPN, firewalls and segmentation of internal networks counteracts the spread of ransomware by the equipment connected to it. In addition, it is an important measure to reduce internal vulnerabilities.
- Manage passwords and access safely
Adopt protection practices such as Authentication based on several factors, the minimum privilege principle, or the zero confidence approach for access to critical data minimizes the risks derived from the theft of stolen or committed credentials.
- Promote safety awareness among employees and collaborators
Promoting the culture of security among employees and collaborators of an organization reduces the risk of clicking on malicious links. Not only through theoretical advice or training talks. It is important to give them opportunities to put into practice what they have learned safely.
In this way, when they receive a message that hides a real threat, they will be prepared to avoid falling into the trap. Sending false phishing emails to test their awareness is an effective measure for They practice what has been learned.
- Scan systems for vulnerabilities and optimize patches management
Companies must keep their software updated, in addition to periodically carrying out an automated vulnerabilities scan. It is also advisable to optimize and, if possible, automate, the management of security patches. In this way, companies will reduce the risks related to obsolete software.
- Reduce the number of agents in the endpoint
Avoid the proliferation of distance agents in the endpoints, that is, of programs that are installed on devices remote To communicate with a server, limit conflicts and security gaps. In addition, doing so offers more guarantees of coherence in the implementation of solutions.
- Follow current security frames
Following the current security frameworks, such as those of the NIST, provides already consolidated guidelines, which are very valuable to ensure that systems have a homogeneous and proven protection.
- Protect data solidly
The implementation of encrypted and immutable backup copies creation tools, as well as periodic tests of the backup plan launched offer an essential defense line to organizations and entities of all kinds.
Maintain protected data through a copy, or several, of them, allows recobrac of incidents and ransomware attacks without having to pay rescues or endure extortion for recover valuable information for the organization.
- Establish a disaster recovery plan
Design and implement a disaster recovery plan allows to resume activities faster after a disaster or an attack. All thanks to having data replicated in external or cloud locations. It is one of the main measures to be taken to protect information, and also one of the simplest to carry out. The result: ensure that even small businesses have resources to improve their safety and safe data.
- Design an incident response plan
Design and display a response plan Complete to be clear how to react when there is a security incident is basic to minimize the damage it may cause. In addition to disaster recovery measures, passwords, access addresses to backups and allocation of papers that will adopt all those involved in it, it is also impSCIRED THAT INCLUDE YOUR CONTACT DATA.
It is also important to be able to establish alternative communication channels in order to act and coordinate measures if official channels are inaccessible or are not safe. Do not forget to implement forensic data collection measures. This is not only essential to deal with an incident, but also to have information that helps prevent others in the future.
The implementation of these measures will not only ensure an improvement in the protection of the company and its systems, guaranteeing greater resilience. It will also significantly reduce the inactivity times of its services and improve the efficiency of its processes.
Set by: Denis Cassinerio, Senior Director and General Manager South Acronis Emea
