How to protect your organisation against ransomware
In its 2024 annual review, the National Cyber Security Centre (NCSC) stated that ransomware remains the most significant, serious, and organised cyber crime threat the UK faces. In 2023, global ransomware payments exceeded $1 billion.
Whatever your organisation’s size, a ransomware attack is a very real risk, so you should take measures to mitigate the threat. The best approach is not to rely on one tool, such as anti-malware software, but to deploy a blend of strategies. Here’s the approach we recommend.
Eight steps to help protect your organisation against a ransomware attack
1. Keep your systems and software updated
Outdated systems and software provide an easy entry point for cyber criminals, who routinely exploit known, already-patched vulnerabilities. Regularly update your operating systems, software applications, and firmware to close these gaps. Prioritise anything that is reachable from the internet (VPN gateways, remote access portals, email servers and firewalls), because these are common initial-access points for ransomware groups.
Regular vulnerability scans should also be conducted to identify potential weak points. A scan only helps if its findings are acted on, so fix the internet-facing and actively exploited issues first.
2. Deploy email and endpoint security solutions
Filter email so that malicious attachments and links are blocked before they reach an inbox. Deploy antivirus and anti-malware software that can scan, detect, and respond to cyber threats, and keep it updated. Monitor endpoints such as workstations, servers, and smartphones for suspicious activity, so that an intrusion is spotted before the encryption stage rather than after.
3. Provide security awareness training for your staff
Staff are often the first target, because phishing emails, malicious links, and suspicious attachments are common entry points for ransomware. Train your employees to recognise them. Also give staff a simple, well-known way to report anything suspicious or any sign that your organisation is at risk, and make clear that reporting is encouraged rather than blamed; an early report is often the only warning you get.
Regularly reinforce security knowledge and practices through periodic training sessions.
4. Limit user access privileges
Adopt a zero-trust approach and limit user access and permissions to only the data and systems each person needs to do their job. This least privilege model limits the potential impact if a single account is compromised, since ransomware can only encrypt what the compromised account can reach. In particular, do not give day-to-day user accounts local administrator rights, and keep separate, multi-factor-protected accounts for administrative work.
5. Back up your data to an external hard drive or cloud server
Routinely back up your data to external storage. Ransomware deliberately looks for connected drives, network shares and synchronised cloud folders and encrypts those too, so at least one copy must be offline or otherwise not writable from your normal network (for example, a drive that is disconnected after each backup, or cloud storage with immutable or versioned objects). If a ransomware attack ever hits you, you can wipe the infected systems clean and restore from backup, and you cannot be held to ransom for access to your own data. Note that backups remove the attacker's leverage over your access to the data, not over any data they may have stolen before encrypting it.
Test your backups regularly to validate recovery procedures: actually restore the data and check that the restored files are intact, rather than relying on the backup job reporting success.
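The following is an added example, not code from the original article or from its author, showing what "test your backups" means in practice: take a backup, record a SHA-256 manifest of every file at backup time, then restore into a scratch directory and compare each restored file against the manifest. The scenario it runs (a small constructed directory, and a backup file later overwritten with junk the way ransomware would treat a mounted backup drive) is made up for illustration; the manifest is kept separately from the backup copy so that damage to the copy cannot also rewrite the record it is checked against.

```python
"""Backup with an integrity manifest plus a restore test (added example)."""
import hashlib
import shutil
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large backups do not have to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def create_backup(source: Path, backup_root: Path) -> dict:
    """Copy every file under `source` into `backup_root` and return a manifest
    of relative path -> SHA-256. Store the manifest somewhere the backup copy
    cannot reach (offline or write-once); it is the reference for later tests."""
    manifest = {}
    for file_path in sorted(p for p in source.rglob("*") if p.is_file()):
        rel = file_path.relative_to(source).as_posix()
        target = backup_root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(file_path, target)
        manifest[rel] = sha256_file(file_path)
    return manifest


def verify_backup(root: Path, manifest: dict) -> list[str]:
    """Return a list of problems (missing files, hash mismatches) found under
    `root`. An empty list means every file in the manifest is byte-for-byte intact."""
    problems = []
    for rel, expected in manifest.items():
        target = root / rel
        if not target.is_file():
            problems.append(f"missing: {rel}")
        elif sha256_file(target) != expected:
            problems.append(f"hash mismatch: {rel}")
    return problems


def restore_test(backup_root: Path, manifest: dict) -> list[str]:
    """Restore the backup into a scratch directory and verify it there.
    Checking the restored copy, not the backup in place, is what proves the
    backup is actually usable for recovery."""
    with tempfile.TemporaryDirectory() as scratch:
        scratch_path = Path(scratch)
        for rel in manifest:
            src = backup_root / rel
            if src.is_file():
                dst = scratch_path / rel
                dst.parent.mkdir(parents=True, exist_ok=True)
                shutil.copy2(src, dst)
        return verify_backup(scratch_path, manifest)


def demo() -> tuple[list[str], list[str]]:
    """Constructed scenario: a clean backup passes the restore test; the same
    backup with one file overwritten (as ransomware does to a mounted backup
    drive) fails it. Returns (problems_clean, problems_tampered)."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp_path = Path(tmp)
        source = tmp_path / "data"                      # constructed sample data
        (source / "finance").mkdir(parents=True)
        (source / "finance" / "ledger.csv").write_text("id,amount\n1,100\n")
        (source / "notes.txt").write_text("quarterly notes\n")
        backup = tmp_path / "backup"
        manifest = create_backup(source, backup)
        problems_clean = restore_test(backup, manifest)
        # Simulate ransomware reaching the backup drive and encrypting a file.
        (backup / "notes.txt").write_bytes(b"\x00encrypted\x00")
        problems_tampered = restore_test(backup, manifest)
        return problems_clean, problems_tampered


if __name__ == "__main__":
    clean, tampered = demo()
    print("clean backup problems:", clean)        # []
    print("tampered backup problems:", tampered)  # ['hash mismatch: notes.txt']
```

Run it on a schedule against a real backup set and treat any non-empty result as an incident in its own right: a backup that fails this test would also fail you on the day you need it.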
6. Control third-party access
Evaluate the security practices of vendors with access to your systems, limit third-party access to what is necessary, and make that access time-limited and logged so it can be reviewed and revoked.
7. Consider cyber insurance
While cyber insurance won’t prevent an attack, it can help mitigate financial losses following a ransomware attack.
8. The Cyber Essentials scheme
Certifying against the Cyber Essentials scheme can help your organisation protect itself against the most common cyber attacks, including ransomware. Its five technical controls (firewalls, secure configuration, security update management, user access control, and malware protection) overlap directly with the steps above.
Ransomware defence requires a holistic approach involving people, processes, and technology. Combining preventative measures like training and patching with reactive strategies like data backup and insurance will help prepare your organisation to handle threats effectively.