The 2 Things You Must Do NOW to Protect Your Company From a Cyberattack

2 Things To Do NOW to Protect Your Company From a Cyberattack

In News by David Henry

Here’s  a very quick message about the two things that you absolutely, positively must do now to protect your company from a cyberattack and ransomware attack.


You may have read that Garmin was hit hard by a ransomware attack this past week, (https://www.bbc.com/news/technology-53553576).  Garmin claims they have a cybersecurity program in place, and still got hit with a $10 million dollar ransomware attack.

This is not the first ransomware attack recently and will not the be the last.

So, that said, here are the 2 things you absolutely must be doing now to protect yourself.

1.  Conduct an immediate assessment of your cybersecurity protection and all of your security controls.
If you don’t have regular metrics that let you see what’ going on on a day-to-day basis, that’s a problem.  If you aren’t reviewing your overall security at least quarterly, that’s a problem.
New attacks and kinds of attacks surface every day.  Three months from now, your current controls will be out of date.  If you aren’t staying on top of this regularly, you will be vulnerable.  Time to fix that.
2.  Stress test your current security program and controls.

Make sure it works.  Make sure your backups are backing up.  Make sure you can easily restore your backups.  Make sure you backups aren’t susceptible to the same attacks as your other data (make sure they are completely separate).

Most companies put security in place, but never test to make sure it works.  This should be done regularly.

Those are the 2 things you MUST do right now.


There is a third thing to consider, and that is hiring an outside company to review your security controls. Even the best companies with the best security programs do this, and it’s why they have the best security. Often times, outside eyes see things that you don’t or don’t consider problematic.

The other benefit of having an outside company work with you is that thy can enable the internal security team to follow techniques we know that will help them continually optimize policies, adapt to discovered threats, and integrate security strategies with their business strategy, to enhance their business’s resilience and never hinder it.

In any case, if you haven’t done a security review in the last 90 days, you need to do the first two steps NOW!

The reality is while that may cost some money, it certainly won’t cost anywhere near what it will cost you to recover from an attack.

Any questions or comments?  Let us know, we’d love to hear from you.  You can contact us here.

Share this Post