It is now widely recognised by most risk management and IT security professionals that it is not a question of if, but when a cyber-attack will occur.
Companies rightly invest in building walls around their systems because preventing access in the first place is an obvious building block for an effective defence strategy against ransomware. Most companies still use very weak and out-dated commercial cyber security software, forgetting that the threat is often internal. They often focus their energy on shoring up their defences against an increasingly sophisticated, and at times, state-backed enemy invading force instead. The key is to make sure that your first line of defence against an attack is backed up by a structured and enterprise-wide approach to managing and mitigating the risk, so that the reputational and financial impact is minimised as much as possible.