No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
    • Upcoming
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home GRC Vendor News

Asigra: 5 Preventative and Responsive Best Practices to Mitigate Ransomware Damages

by Corporate Compliance Insights
May 27, 2020
in GRC Vendor News
ransomware warning on binary background

Industry Experts Reveal Best Practices for Reducing or Eliminating Harmful Impacts of Ransomware

TORONTO (May 27, 2020) – Asigra Inc., a leader in backup and recovery software that delivers comprehensive repository cyber protection, today highlighted a number of best practices proposed by providers of both preventative and responsive solutions for combating the financial ramifications of ransomware.

“Ransomware attacks are becoming more targeted, sophisticated, and costly, even as the overall frequency of attacks remains consistent,” according to a bulletin released by the Federal Bureau of Investigation. “Cyber criminals can take advantage of security weaknesses in widely used software programs to gain control of victim systems and deploy ransomware. For example, recently exploited vulnerabilities were discovered in two remote management tools used by managed service providers (MSPs) to deploy ransomware on the networks of customers of at least three MSPs.”

Industry experts often cite two categories of ransomware defensive approaches and solutions – preventative and responsive. Preventative strategies stop such attacks from succeeding in a way that would maintain business access to their data. Strategies in this area would include training employees about the proper handling of potential phishing emails, implementing the proper cybersecurity software to protect primary data and a second layer of security-enabled data protection on secondary storage to ensure the complete recovery of criminally encrypted data.

Responsive ransomware strategies include ransomware recovery experts (CYPFER Corp. for example) to minimize downtime and potential financial loss in the event an attack was successful. These measures also include a managed service provider to assist in finding all possible alternatives to return mission critical data to the customer. Additionally, it would also include a credible cyber-insurance provider at the company’s disposal to financially cover the event and address monetary damages.

Five best practices cited by experts in these areas include:

  1. Cultivate a security-aware culture: Educate and train employees on the dangers of phishing emails. Phishing is the number one method used by ransomware attackers because it is an effective means to access a target’s network.
  2. Backup files and protect backup data: Regularly back up data using a 3-2-2 methodology where three copies of data are stored locally on secondary storage; two additional copies of backup data are kept on different locally available mediums (devices); and two backup copies are stored offsite two remote locations, such as a remote facility or cloud-based platform. In the event the training and primary cybersecurity measures fail, ensure the backup data is protected as it will become the recovery technique of last resort should the network be impacted. This is effectively done with a backup solution that addresses ransomware Attack Loops™ by scanning for malware instream and as recovered data is returned to production, among other techniques.
  3. Secure the network environment.  Keep programs and operating systems up to date, ensure servers are patched and updated, and securely restrict and limit system components and administration tools by granting users enough access or privileges to accomplish a task or run an application.
  4. Defend primary data:  While there are an endless number of cybersecurity solutions available, choose solutions with an effective record of success and deploy accordingly to protect both traditional and remote workforce environments.
  5. Insure: Some ransomware payments have been reported to be in the millions. Organizations that have no other option but to pay the ransom, would be remedied by having a cyber insurance policy that covers the damage from such attacks. Having a policy that protects against such attacks and the resulting liability could mean the difference between continuing with operations or claiming bankruptcy.

Ransomware Response and Recovery

Should devices on a company network unfortunately fall victim to cyber attackers and it is critical that data be recovered, ensure that a ransomware recovery expert is part of the incident response team to negotiate the ransom demand with the threat actors and to try to reduce the financial impact. To mitigate the risk, the incident response team should investigate all the alternatives, such as recovering from back-ups, rebuilding server environments and deploying free decryption tools, or negotiating with the threat actors.

As a last resort, a company can direct the ransomware recovery expert to coordinate and direct the most suitable response to the specific threat, and if the decision is made to pay the ransom, negotiate and facilitate the ransom settlement on the victim’s behalf and procure the decryption tools required to restore data files.

“Paying ransom to cyber threat actors is not recommended, but sometimes it is a necessary response to ensure business continuity,” said Jason Kotler, Founder and President, CYPFER Corp. “In these cases, it is essential to negotiate and facilitate payment of the ransom in the proper cryptocurrency and to ensure that your data is unlocked, so that business services can resume as soon as possible.”

“The financial impact that ransomware can have on any organization is frequently devastating,” said Marc Staimer, Principal Analyst and President of Dragon Slayer Consulting. “If not properly prepared, damages can go beyond the payment of an exorbitant ransom which does not guarantee the de-encryption of data. It often also includes the loss of revenues from downtime, expensive third-party data recovery attempts, increases in future insurance costs, and reputational damage.”

“These time-sensitive events need to be addressed quickly. Whether for pre-attack preparation or post-attack emergency support, it is critical to have industry experts available,” said Eran Farajun, Executive Vice President, Asigra. “To provide some level of assurance, the five best practices and the experts referenced will provide the best chance of making it through one of these events.”

For more information on Asigra, please download a case study on cybersecurity-enabled data protection at https://site-files.asigra.com/files/case-study/pdf/pcs-trade-union.pdf.

Tweet This: @Asigra Presents Five Preventative and Responsive Best Practices to Mitigate Ransomware Damages – https://bit.ly/2N04LHu

To learn more about Asigra, visit:www.asigra.com

Follow Asigra on Twitter at: http://twitter.com/asigra

About Asigra

Trusted since 1986, Asigra technology is proudly developed in and supported from North America, providing organizations around the world the ability to quickly recover their data from anywhere through a global network of IT service providers.  As the industry’s most comprehensive data protection platform for servers, virtual machines, endpoint devices, databases and applications, SaaS and IaaS based applications, Asigra lowers the total cost of ownership, reduces recovery time objectives, and eliminates silos of backup data by providing a single consolidated repository with 100% recovery assurance and anti-ransomware defense. The company has been recognized as a three-time Product of the Year Gold winner by Techtarget for Enterprise Backup and Recovery Software and positioned well in the market by analysts. More information on Asigra can be found at www.asigra.com.


Previous Post

Banks Set to Accelerate Digital Transformation in Response to COVID-19

Next Post

Effective Training: Awaken the Zombies to Impart “Level 3” Understanding

Corporate Compliance Insights

Corporate Compliance Insights

Corporate Compliance Insights

Related Posts

get out of jail free card

Rare Declinations by DOJ’s National Security Division Demonstrate Potential Benefits of Voluntary Disclosure — but Could Obscure the Risks

by Justin Weitz, Loyaan Egal, Katelyn Hilferty and Moshe Klein
July 16, 2025

In a recent speech, Matthew R. Galeotti, the head of the DOJ’s Criminal Division, discussed changes in how the DOJ...

robot waiting for job interview

If AI Can Easily Game Hiring Processes, Maybe It’s Time to Rethink What You’re Looking For

by Vera Cherepanova
July 15, 2025

Using AI to prepare for an interview is OK, but what about using it to perform?

nurse holding chart

Data Privacy at the Crossroads of AI & Life Sciences: US & EU Perspectives

by Marijn Storm, Katherine Wang and Joshua Fattal
July 15, 2025

Regulators and enforcers are watching how healthcare companies use advanced tools

binoculars digital collage_bright

Internal Investigations That Actually Fit Your Budget

by Gabrielle Degelia and Emily Farmer
July 14, 2025

Smart staffing, disciplined scoping and strategic use of technology can dramatically reduce costs without sacrificing thoroughness

Next Post
virtual training

Effective Training: Awaken the Zombies to Impart “Level 3” Understanding

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
    • Upcoming
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights