Establish a Plan for Ransomware

August 14, 2020 · Commercial Lines

Blog Establish a Plan for Ransomware

You should have a response and business continuity plan that addresses all the steps of action you will take in case of an attack.

Have questions?
Contact us today.

Phone: (800) 211-2508

By providing your phone number you consent to receive SMS communication from ComTech-Leavitt Ins. Services. Privacy Policy

Please note: coverage cannot be bound or altered online. A service representative will need to contact you to finalize your request.

Ransomware is among the top four common cyber attacks businesses face today. This attack involves using weaponized encryptions that block access to a computer, server, system or service. The attacker then asks for a ransom to remove the malware. In 2017, ransomware payments soared to $1.3 billion up from $34 million in 2015, with hackers asking for up to $70,000 per attack. About 60% of small businesses never recover from attacks, which makes it all the more essential to invest in your ransomware plan.

Make A Ransomware Plan

The first step is to have a clear plan for how your business will respond to ransomware threats. You can do everything to stop it from happening. However, there's still a chance you will get attacked.

Back Up All Business Data

Ransomware attackers count on causing major panic by halting your operations. However, if you have a backup of everything, you can restore operations within a matter of hours, allowing you to deal with other matters arising from the attack. The rule of thumb is to use the 3-2-1 principle where you keep three copies, back up two and store one off-site. This way, you don't have to pay to resume services, only the damages caused to your business and stakeholders.

Educate Staff and Users on Security Practices and Threats

You should educate all workers and users about the major threats and computer fraud (social engineering), including how to avoid them. You should also maintain strong perimeter defenses using anti-malware, latest encryptions and security algorithms, identity and access management. Your staff should also know what to do in case of an incident or attempted breach.

Patch and Block Malware

In addition to maintaining a strong security perimeter, you need to patch all old operating systems, codes and software. Outdated systems are the primary target for ransomware attackers, so you should ensure you have the most recent protection. You should also block all malvertisements using ad blockers.


In addition to all the above, you should consider purchasing adequate insurance coverage to protect you in case of an incident. Insurance coverage will pay for various damages, including ransom money, legal fees, administrative and public relation expenses.