What strategies have you used to mitigate ransomware risk?

Anonymous Author
We're not a detection company, but we stop ransomware from proliferating across your network. There are tools that can easily detect ransomware going from machine to machine, but they don't actually stop it from moving; these tools just tell you that you need another tool to stop it. The premise of Airgap is we plug in our device and scan your entire network. We can see all the Windows machines talk to each other and all the devices they talk to. We map that out, and based on the map we create rules for your green setting, which by default blocks all unnecessary traffic. That keeps you safe-ish. If ransomware does come in, we don't stop it from entering the system but we do stop it from going from machine to machine. We have a ransomware kill switch where we set up stricter rules based on your risks. Your yellow setting may be to block access to your file servers, and the red setting stops any traffic to your industrial control systems so you don't have to shut down your pipeline. It's a simple method that implements actual Zero Trust in your network—not the Zero Trust that everybody's talking about, which doesn't do anything.
4 upvotes
Anonymous Author
I have immutable backups for servers and for desktop/laptop/endpoint. Using two different vendors - one for each use case. It may not be the best strategy but I’m comfortable that it will help me mitigate risk.
2 upvotes