June 15, 2024

Reduce Business Risk Exposure to Ransomware

Reduce Business Risk Exposure to Ransomware

I have seen a lot of cyberattacks over the years. Most of them start with an email phishing ploy or business email compromise. Addressing these two vectors dramatically reduces your business risk exposure to cyberattacks.


The best way to prepare for phishing attacks is employee training. Yes, you need a good spam filter, but some will always slip through no matter what. And don’t blame Suzy in the billing department when she clicks on a link in an email. She doesn’t stand a chance against the multibillion-dollar, international, hostile-state-led industry of cyberattacking. You must give her regular cyber training if you want her not to compromise your network and data. Telling her not to click on links is not enough.


The best way to reduce the chance of business email compromise is by mandating MFA on your email platform. Tell the administrator of your email platform that you would like to see a report showing the policy of MFA for the company and the status of MFA for every user. Tell everyone at the company that MFA will be mandated on [this date]. “To avoid any business disruption, please take a few minutes to enable MFA on your email account. Ask for help if needed.” Then enforce it on the date you choose. After the date, review a new report showing the policy of MFA for the company and the status of MFA for every user.


Finally, send this to your cyber insurance policy broker: “I am reviewing my cyber insurance policy and I need some help identifying what the policy requires my business to do. Can you send me a simple checklist that briefly states what is required of my company to reduce our risk exposure to cyberattacks?” If you don’t hear anything back, congratulations! You have found an insurance salesperson who cares about your money but not your business. They can be hard to spot. Now it’s time to look for another.


Dedicated to your liberty, safety, and digital health,


Tim Meredith

Tech Eagles



If you’re not currently training your employees on cybersecurity practices, contact us today.