Cybersecurity best practices: Paying attention to these 10 basics helps prevent ransomware attacks Posted on July 5, 2017 by Tim Burke A commitment to the seven people-focused cybersecurity best practices I reviewed in my last post will thwart many attacks. But don’t forget these 10 key cybersecurity best practices basics: Layer security to achieve defense in depth As a first layer of defense, install antivirus software at all endpoints – including employee-owned devices – and keep it up-to-date. Fending off zero-day assaults requires additional defense in depth: firewalls, heuristics, intrusion prevention/detection systems (IPS/IDS), behavioral-based threat prevention, data leak and anomaly detection, real-time security intelligence and event management (SIEM), etc. Unified threat management on edge devices (e.g., firewalls) delivers IPS/IDS, website filtering that blocks access to known/suspected malicious content, and another layer of antivirus. Back up your data For the most thorough protection, back up your data daily both locally and to an off-site cloud – and make sure you detach (airgap) external storage devices once a backup is done to protect it from ransomware attack. Since some ransomware infects backups with attack capabilities that lay dormant and can later propagate, you can limit such re-infection by backing up only data files, not system files. Encrypt your data When you encrypt your data at the file level – i.e., the machine’s file system encrypts individual files or directories – cybercriminals threatening to expose your stolen confidential data won’t be able to decrypt it. Patch your software This is best accomplished with patch management software or services that patch your software regardless of type or location and includes device firmware and employee-owned devices and often-exploited third-party software (e.g., Java, Flash) as well the rest of your software stable. Build sandboxes By opening files (email attachments, web downloads, etc.) in a sandboxed virtual environment, malicious behavior can be spotted before it can spread across data, systems, and networks. Segment your network Ransomware can be prevented from replicating itself across systems and networks when you segment your network. Deploy services that continuously monitor DNS traffic If you continuously monitor DNS traffic to track relationships between domain names, IP addresses, and autonomous system numbers, you’ll be better able to discover cyberattacks before they launch. Consider a moving target defense strategy based on counter-deception techniques Using counter-deception techniques to constantly change target surfaces forces attackers to continuously search for targets, boosting chances of discovery and making cyberattacks more costly and less feasible. Review the cybersecurity stances and policies of all your service providers Your cybersecurity is only as strong as its weakest online link. Get expert cybersecurity help As recent attacks and breaches keep showing us, effective cybersecurity requires constant vigilance and plenty of expertise. A cloud-capable managed security services provider can help monitor your defenses, ensure that your cybersecurity strategy protects your assets and meets compliance requirements, and alert you to new threats so no one is surprised by cyberattacks.