Resources

The Software Won't Save You

Written by Editorial Team | Apr 29, 2022 2:30:00 PM

GroupSense CEO Kurtis Minder spoke at Colorado Mesa University’s Entrepreneurship Day on April 27. During his keynote, “The Software Won’t Save You,” he spoke about the genesis of GroupSense’s Ransomware practice, how attackers carry out ransomware attacks, and how each of us can help protect our own computer systems with simple cyber hygiene.

The event was featured in the Grand Junction Daily Sentinel and the local NBC affiliate KKCO. Learn more about the event below.

Photos provided by Mckenzie Lange, The Grand Junction Daily Sentinel

Several years ago, GroupSense began receiving ransomware remediation requests from legal firms and cyber insurance firms. The increase in ransomware attacks created an opportunity for GroupSense to help organizations assess their incident response plans and recoup lost data. Throughout ensuing ransomware investigations, GroupSense’s Ransomware Response Readiness (R3s) and Ransomware Negotiation services were born.

During the keynote, Kurtis spoke about the ways in which attackers gain entry into systems using initial access brokers. Threat actors then buy this access and carry out their attacks. Though most of the attacks that the public hears about target large enterprises, the majority of ransomware attacks affect small- to medium-sized businesses. Making up 44% of the U.S. economy, small businesses are part of our critical infrastructure

Kurtis laid out the four ways he thinks will lessen the threat of ransomware to our nation’s businesses during his talk:

  1. Prevention
  2. Public policy
  3. Technology
  4. Negative consequences for the bad guys

“Cybersecurity is a habit problem. Good cyber hygiene may be annoying. Do it anyway.”- Kurtis Minder

We all have a duty to practice good cyber hygiene, but that doesn’t mean it needs to be difficult. So, what can the average person do to protect our small businesses? To get started, implement these practices at work and at home:

  • Use complex passwords.
  • Use unique passwords for every site by using a password manager.
  • Use multifactor authentication (MFA) or two-factor authentication (2FA) everywhere possible.
  • Do not use your corporate email address on personal or hobby sites.
  • Update your software immediately when updates are offered by the software vendor, including on your mobile phone.
  • Stop. Clicking. On email links. Stop, think, and inspect any links or attachments sent to you.

To learn more about the steps you can take to reduce your cyber risk, click here.