California League of Food Producers 21

opened infect the target’s computer. Some ransomware variants, such as WannaCry and Petya, have been able to infect multiple systems at once and disable an organization’s operations for days, and sometimes even weeks.

Consequences

The average payment is around $1,077 for victims who pay the ransom; however, the costs can escalate quickly for larger organizations. For example, a major web-hosting provider recently paid more than $1 million to attackers to regain control of its data. Regardless of whether an organization pays the ransom, the amount of time it takes to recover from these types of attacks can be crippling.

Protecting Your Organization

So how do individuals and organizations protect themselves? The answer is part training and part technology.

Training

The main reason ransomware attacks are so prevalent and successful is because end users unknowingly open infected emails and attachments due to a lack of user education and cyber-awareness, making these users the weakest link in any security program. As such, organizations can benefit from investing in providing training for these end users.

Awareness training is a necessary first step in any security program, yet many organizations don’t take it. This is often because it requires time and resources to establish and commit to a training program, as well as the backing of an organization’s governing body, management, human resources department, and IT, which can sometimes overwhelm organizations.

Organizations should consider providing security awareness training for every new hire and instituting an annual refresher course for all employees. It’s imperative that organizations also employ other methods, such as a monthly email reminder or awareness posters in the break room, to frequently remind end users about safe computing habits.

Technology

Organizations must work to ensure their IT systems are current and include rigorous protections to deter and detect attacks, such as:

■ Network infrastructure design and perimeter protections
■ Anti-malware and data leakage strategy
■ Security information and event management solutions
■ Incident response procedures
■ Backup and restoration processes

and Protect Your Organization

by KEVIN VILLANUEVA, Partner and TROY HAWES, Senior Manager – IT Consulting Practice, Moss Adams