The recent upsurge in ransomware attacks – 6,000% increase since 2016 – could be a wakeup call for all businesses, especially the hospitality industry that is increasingly becoming a target for malicious attacks. Cybercriminals have devised numerous deceptive methods to infiltrate computer systems, encrypt data and demand ransom to release the files.

Ransomware attacks cause major disruption to the operation of a business and result in over 70% of victims paying the ransom. For those who have chosen to pay, 50% paid more than $10K and 20% paid more than $40K to avoid losing significant down-time for their business. These costly payoffs can be particularly burdensome for a small business.

In a cybersecurity study of small and medium-sized businesses with less than 1,000 employees, nearly half of these businesses have been the victim of cyberattacks. Fortunately, there are preventive measures you can take to help avoid falling prey to attacks like the recent WannaCry ransomware.

You and your employees are the first line of defense! Help protect your business from intrusion by cyber criminals by following the steps outlined below in the A.I.M. (Assess, Implement, and Maintain) approach.

A.I.M. to Safeguard Your Business from Ransomware Attacks

Assess – Examine your system end-to-end to understand where your business may be vulnerable to cyberattacks

• Perform an assessment of your security protocols to look for potential vulnerabilities in your entire existing network, which extends beyond just securing payment transactions
• Determine if you need to add a supplemental security solution to help ensure you are always covered with the most current protection against malware
• Identify who has access to your systems and data, and apply the appropriate restrictions

Implement – Create a plan to improve security that includes staff accountability for safeguarding your company’s systems

• Leverage a trusted managed service provider to install a commercial grade security solution that provides maximum protection of your systems
• Establish policies that clearly define security protocols for your staff to follow, such as securing unattended computers and regularly updating passwords
• Train employees on protecting company data as well as your customers’ Personally Identifiable Information (PII)

Maintain – Ensure your business remains focused on security as an integral part of your operation with regular review and updating as needed

• Build a cybersecurity culture and maintain focus by reviewing security protection on an ongoing basis
• Ensure systems are up-to-date with the latest security patches
• Control what applications can be installed on your systems
• Continue educating employees on potential intrusion points where malware can be installed e.g., links in email, social media posts and online sites

Published By NCR: Dustin McCreight, November 17, 2017