’Tis the Season for Cyberattacks: 6 Steps Retailers Can Take to Ensure Effective Ransomware Protection

The holidays are upon us; for most retailers, that’s when sales spike. So do cyberattacks. In 2022, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a cybersecurity advisory, noting an “increase in highly impactful ransomware attacks on holidays and weekends.” 

Meanwhile, Arcserve’s annual independent global research survey found that 54 percent of retail executives reported being targeted by ransomware in the previous 12 months. Over a quarter of those attacks resulted in compromised data, while 24 percent confirmed paying the ransom. 

Make Data Loss Prevention a Priority

The Arcserve study spotlights how unprepared most retailers are to defend against these threats. Two-thirds of retail executives surveyed weren’t confident they could recover all lost data if a ransomware attack hit them. 

Almost half—42 percent—admitted they couldn’t recover all lost data during their last significant data loss incident. And 57 percent reported they lack well-documented or updated disaster recovery plans. Most of these retail executives—72 percent—also don’t have specific data resilience goals as part of their data protection and backup strategies. 

If you’re responsible for data protection in your retail organization, here are six steps you can take to ensure you are confident in your disaster recovery preparations and data recovery capabilities.

1. Update Your Disaster Recovery Plan

If your disaster recovery plan isn’t current, chaos will likely ensue if your organization can’t access its data or systems. It doesn’t matter whether the incident is caused by ransomware, hardware failure, natural disaster, or other reasons. Ensuring an effective data disaster recovery (DR) plan starts by identifying and prioritizing your most critical systems. You’ll also need to assess potential risks and establish recovery time and point objectives (RTOs/RPOs).

On the personnel side, it’s essential to pull together a cross-functional disaster recovery team with clear roles and responsibilities. This includes a clear communication strategy for coordinating activities during a disaster. 

You’ll also want to establish detailed data backup and disaster recovery procedures. Your plan should be tested and updated regularly to meet your evolving requirements, minimizing downtime and adverse impacts on your organization.

2. Train Your Team

Your people are the front line in the fight against ransomware and breaches. They are also the weakest link, with the Verizon 2023 Data Breach Investigations Report finding that 74 percent of all breaches involve the human element, with people being involved either via error, privilege misuse, use of stolen credentials, or social engineering.

Employee cybersecurity and ransomware prevention training should be fundamental to your cyber defenses. This training should empower your people to recognize and avoid cyber threats and suspicious activity like phishing, business email compromise (BEC), and malware hidden in attachments and links. 

It’s important to emphasize the importance of their role in adhering to company cybersecurity policies and procedures. Ongoing, regular training updates and phishing tests can help reinforce lessons learned and ensure your employees contribute to your organization’s data resiliency.

3. Limit Data Access

Identity access management (IAM) plays a pivotal role in data protection by ensuring that only authorized individuals access your sensitive systems and data. Role-based access controls (RBAC) enable you to grant and manage access privileges based on job roles, so users only have access to the data they need to do their jobs and nothing more. 

Multi-factor authentication (MFA) adds another layer of security by requiring users to provide multiple verification forms, such as a password and unique token. This adds another barrier blocking cybercriminals from accessing your data with stolen or compromised credentials.

IAM also enables centralized monitoring and logging of user activities, making it easier to spot suspicious behavior. A well-structured IAM approach can contribute to a robust defense against ransomware and cyberattacks.

4. Bolster Your Cybersecurity Defenses

A multi-layered approach to cybersecurity is your best defense. Backups are a primary target for ransomware because hackers know you can't recover if they can get to them. So, make sure your backup data protection approach includes threat detection and prevention. 

Arcserve solutions secured by Sophos Intercept X Advanced for Server deliver cutting-edge cybersecurity, using a deep-learning neural network and artificial intelligence (AI) to detect known and unknown threats without relying on signatures. Intercept X Advanced features CryptoGuard and WipeGuard, which use behavioral analysis to stop never-before-seen ransomware and boot record attacks.

Ensuring all software and systems are continually updated and patched is another vital step in minimizing vulnerabilities. Additional cybersecurity solutions, from intrusion detection and prevention systems (IDSP) to web application firewalls (WAF), are worth considering as you build your layered defensive infrastructure. 

5. Choose Resilient, Proven IT Investments

Seamless integration of cybersecurity, data protection, disaster recovery, and immutable storage is the most effective defense against ransomware. As you consider your options, you’ll find that’s precisely what Arcserve’s Unified Data Resilience Platform delivers. 

Built on three pillars—prevent, protect, and recover—Arcserve solutions help you minimize the impacts of data disasters. In addition to Sophos cybersecurity, our solutions offer immutable storage for your backups. Your backups can’t be altered or deleted when saved in an immutable format, even by admins. And your data is encrypted in transit and at rest. 

Arcserve offers solutions that fit virtually any size business—from SMBs to enterprises—and can be deployed as software, hardware, virtual appliances, and in the cloud. So you can count on data resilience for infrastructure as a service (IaaS) and software as a service (SaaS) environments, including with major providers like Microsoft 365, Google Workspace, and Salesforce. 

Arcserve solutions also support agentless protection of VMware, Hyper-V, and Nutanix deployments and a wide range of storage options, including tape backup, network-attached immutable storage, and cloud.

With decades of experience and proven products, Arcserve helps you eliminate complex system integrations, unify data protection and management, and do it all at the lowest total cost of ownership (TCO).

6. Choose a Trusted Partner

An Arcserve partner’s expert guidance and support can be invaluable in helping you choose and deploy the optimal data protection strategies and solutions for your retail business. Find an Arcserve technology partner.