Ransomware attacks can be especially devastating for small businesses. Learn the steps you can take to protect yourself and your business from a costly incident.

Cybercrime is evolving rapidly thanks to the pace at which technology is improving. Ransomware is one of the most common forms of attack businesses face. Many large companies have fallen victim to ransomware attacks and, unfortunately, this perpetuates the impression that small and medium-sized businesses are not on an attacker’s radar. This is not the case.

In October 2019, for example, an IT consulting firm based in Wisconsin paid an undisclosed sum to an attacker who had blocked client access to patient medical records. While just 20% of ransomware victims are small businesses, over 85% of security service providers report that ransomware is one of the most common threats a small business faces. 

To create a plan to protect yourself from a ransomware attack, you need to execute certain steps to make your business resilient. You also need to prepare for a worst-case scenario. 

Let’s first examine what you can do to build resilience.


The first step you need to take is to conduct a thorough review of your current security measures. Many small companies install a cybersecurity product and believe that this single solution will protect them. Cybersecurity is a continuous process, not a one-time job. You need to conduct cyber risk assessments regularly and make sure your software is kept current with the latest patches and upgrades.

Small businesses often can’t afford to install enterprise-grade security systems, but there are a few things you can do to overcome this obstacle. First, create a map of your assets and order them according to their importance. For each asset, ask what risk a breach of that asset would pose to your business. If you have an IT department, it’s critical that business and IT work together to create this map. Relying solely on IT to identify critical business assets might lead to an incomplete picture.

Develop a resilience plan for your most critical assets. That includes backup schedules, business continuity plans, and recovery plans. For example, you could back up the data connected to your most critical assets more frequently than you do for others. You should also review the security of your backups and test whether you can actually run operations from that data, in case your primary systems are compromised.

It’s essential to create an asset risk map for your business because most small businesses respond to every threat in the same manner. A risk to a less critical asset should not be treated with the same degree of urgency as a threat to a highly critical one. Since cybersecurity is a continuous process, you must devote additional resources to continue monitoring your plans for highly critical assets. 
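The two ideas above, ranking assets by risk so that the most critical ones get the most frequent backups, and then proving that a backup can actually be restored intact, are illustrated by the following added example. It is not code from the original article or its author; the asset list, the 1-to-5 impact and likelihood scales, the tier thresholds and the tier-to-backup-interval policy are all constructed assumptions, and the restore check uses a throwaway temporary directory with constructed sample files.

```python
"""Asset risk register with a tiered backup schedule, plus a backup integrity check.

Added example, not from the original article. All assets, scores, thresholds
and backup intervals below are constructed sample values.
"""
import hashlib
import tempfile
from pathlib import Path

# Constructed asset inventory: impact and likelihood scored 1-5,
# as business and IT would agree them together.
ASSETS = [
    {"name": "patient-records-db", "impact": 5, "likelihood": 4},
    {"name": "billing-system", "impact": 4, "likelihood": 3},
    {"name": "marketing-website", "impact": 2, "likelihood": 4},
    {"name": "shared-file-server", "impact": 3, "likelihood": 3},
]

# Hypothetical policy: hours between backups for each risk tier.
BACKUP_INTERVAL_HOURS = {"critical": 1, "high": 6, "medium": 24, "low": 168}


def risk_score(asset):
    """Simple impact x likelihood score (range 1-25)."""
    return asset["impact"] * asset["likelihood"]


def tier_for(score):
    """Map a score to a tier using assumed thresholds."""
    if score >= 16:
        return "critical"
    if score >= 9:
        return "high"
    if score >= 4:
        return "medium"
    return "low"


def build_risk_map(assets):
    """Rank assets by risk (highest first) and attach tier and backup interval."""
    ranked = sorted(assets, key=risk_score, reverse=True)
    risk_map = []
    for asset in ranked:
        score = risk_score(asset)
        tier = tier_for(score)
        risk_map.append({"name": asset["name"], "score": score, "tier": tier,
                         "backup_interval_hours": BACKUP_INTERVAL_HOURS[tier]})
    return risk_map


def write_manifest(backup_dir):
    """Record the SHA-256 of every file in a backup so a restore can be verified later."""
    backup_dir = Path(backup_dir)
    manifest = {}
    for path in sorted(backup_dir.rglob("*")):
        if path.is_file() and path.name != "MANIFEST":
            rel = path.relative_to(backup_dir).as_posix()
            manifest[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    (backup_dir / "MANIFEST").write_text(
        "\n".join(f"{digest}  {name}" for name, digest in manifest.items()))
    return manifest


def verify_restore(restore_dir, manifest):
    """Return (file, problem) pairs for files missing or altered relative to the manifest."""
    problems = []
    for name, expected in manifest.items():
        path = Path(restore_dir) / name
        if not path.is_file():
            problems.append((name, "missing"))
        elif hashlib.sha256(path.read_bytes()).hexdigest() != expected:
            problems.append((name, "hash mismatch"))
    return problems


def demo_restore_check():
    """Simulate one backup, one clean restore and one damaged restore in temp dirs."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = Path(tmp) / "backup"
        backup.mkdir()
        (backup / "records.csv").write_bytes(b"id,name\n1,alice\n")   # constructed
        (backup / "config.ini").write_bytes(b"[db]\nhost=localhost\n")  # constructed
        manifest = write_manifest(backup)

        clean = Path(tmp) / "restore_clean"
        clean.mkdir()
        for name in manifest:
            (clean / name).write_bytes((backup / name).read_bytes())

        damaged = Path(tmp) / "restore_damaged"
        damaged.mkdir()
        (damaged / "records.csv").write_bytes(b"unreadable-content")  # altered copy
        # config.ini is deliberately absent from the damaged restore.
        return verify_restore(clean, manifest), verify_restore(damaged, manifest)


if __name__ == "__main__":
    for row in build_risk_map(ASSETS):
        print(row)
    print(demo_restore_check())
```

The risk map is what the article calls the asset risk map: the ranking tells you where to spend scarce monitoring and backup effort, and the interval column turns that ranking into a concrete schedule. The manifest check is the "test the possibility of running operations with that data" step in its simplest form: a restore that is missing files or whose contents no longer match the recorded hashes is not a backup you can rely on during an incident.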

Disaster Handling and Recovery

While installing top-notch protection is great, you must prepare for the worst and have a recovery plan. Moreover, you must ask yourself whether you are willing to pay a ransom to unlock your files.

There’s no guarantee that the keys you receive from the attacker will help you recover your files. The standard advice is to refuse to negotiate with attackers, which is why your backup plans are important: a tested backup gives you a stronger negotiating position. Make sure your employees are aware of your official approach to an attack, as your entire organization has to be on the same page.

Most importantly, don’t waste any time in reporting the incident. Ransomware spreads quickly, and the sooner you report an attack, the sooner it can be contained and resolved. Reporting an attack quickly will prove you’re a responsible organization.

An Evolving Threat

There isn’t a single solution to ransomware attacks. Like the rest of cybercrime, it’s an evolving threat that small businesses have to keep pace with. Reviewing your plans and adopting best practices is the way forward. The framework you’ve just read will help you do this.

Testing your resilience is critical. Run frequent drills that simulate an attack. Review the results regularly, and make sure your IT team is up to speed on the latest best practices in the industry. If possible, use a continuous-monitoring security system that actively scans and simulates threats to your business. 

When training your employees, make sure you focus not just on making them aware of cyber threats but also on changing their behavior. Installing the latest anti-malware solution isn’t of much use if your employees are going to fall for phishing emails. Conduct interactive exercises instead of seminars and create collaborative workshops between technical and business users so that everyone is on the same page regarding cybersecurity.

This article was written by Itai Elizur from Small Business Trends and was legally licensed through the Industry Dive publisher network. Please direct all licensing questions to legal@industrydive.com.

This article is licensed content that was created by a third party not affiliated with Santander Bank, N.A. (“Santander”). This article is for promotional purposes only. Santander does not provide investment, business, financial, accounting, tax or legal advice and the content of this article does not constitute investment, business, financial, accounting, tax or legal advice. Santander does not make any claims, promises or guarantees about the accuracy, completeness, currency or adequacy of any content. Santander expressly disclaims all express and implied warranties of accuracy, completeness, currency or adequacy of the information and content in this article. Readers should consult their own attorneys or tax or other advisors regarding the applicability of any referenced information or financial or other strategies to their own unique circumstances. This article does not necessarily reflect the views or endorsement of Santander. Please note that third party websites may have privacy and security policies different from Santander, please review the privacy and security policies of such websites.

Santander Bank, N.A. is a Member FDIC and a wholly owned subsidiary of Banco Santander, S.A. ©2022 Santander Bank, N.A. All rights reserved. Santander, Santander Bank, and the Flame Logo are trademarks of Banco Santander, S.A. or its subsidiaries in the United States or other countries. All other trademarks are the property of their respective owners.

