Your Best Defense Against Ransomware Might Be Your Employees

Ransomware, while not a new model for hackers, has certainly been wreaking havoc on businesses in 2016 – particularly in healthcare and financial services.

Just how dangerous is ransomware?

While your business’ data security program should consist of many components, perhaps the most effective defense to ransomware is building a culture of data security amongst your employees.

By nature, ransomware relies primarily on “social engineering”, baiting people into clicking a link in an email or other method of ultimately downloading a malicious program into the company network. Once on the network, the ransomware goes to work encrypting files or an entire hard drive rendering them inaccessible followed by a demand for money in exchange for decrypting the data again.

While there are certainly technology and protocols that should be employed to defend against ransomware, malware, and any other form of data breach, let’s start with the “people” factor as that is the vulnerability ransomware most frequently preys on.

Chief Information Security Officers and data security experts agree that the weakest link in a company’s security chain is typically people. Businesses of all sizes should consider building a culture of data security by 1) Training, 2) Empowering, and 3) Incentivizing employees to be on guard for data breach attacks.


Offer employees interactive training resources like seminars, webinars as a benefit to help them protect their own personal data security. Employees that are more security-savvy for their own personal data safety are going to be great defenders of the company’s data as well.

This can be built into and marketed as an employee benefit along with common benefits like medical, dental, legal counsel, and more.


Communication from upper-management on the danger of cyber-threats and the critical role every individual plays in protecting the business’ and customers’ data. Every employee should walk away feeling that cybersecurity is a real threat to them and their colleagues and that they are encouraged to be vigilant and report concerns to IT.

Incentivize (or “Gamify”)

One way companies can really solidify this culture of security is through Gamification. For instance, consider developing a scoring system by which employees can report/forward suspicious emails to the IT security department. Should the email be a legitimate threat, points are given the employee.

The points can be displayed on a leaderboard for bragging rights and also points could be exchanged for rewards once certain levels are achieved. It may sound silly, but if the rewards are appealing and the bragging rights are fun, that may easily be enough to make every single employee a security watch dog for your company!

Take Care of the Basics

Building a culture of security amongst your employees is one “cog” in your security system. There are many others.

For most businesses, engaging a remote-managed network security provider like Netsurion is the best way to implement STRONG, SIMPLE, AFFORDABLE data security.

  • Malware, Ransomware, and the Next Big Threat

    September 21, 2017

    Imagine the lost revenue for a major retailer if they needed to shut down all of their stores for a few days, or even a few hours, especially over the busy holiday season. The impact would be devastating.

    Read More
  • Protecting Against Ransomware Attacks: What Every Business Needs to Know

    July 11, 2017

    Ransomware attack frequency is at its height as there have been more than 4,000 ransomware attacks happening each day for over a year now. Follow these tips to help avoid a ransomware breach at your business.

    Read More
  • Protect Your Business from Ransomware

    May 15, 2017

    As the second iteration of the WannaCry ransomware impacting IT infrastructure around the globe is expected, we want to arm our customers with information to be best prepared.

    Read More