Seven Steps Companies Can Take to Reduce Risk in a Ransomware Attack

Cyberattacks have increased sharply since Covid-19 forced entire workforces into the home in 2020. Hackers love a good crisis, and the disruption created by the global pandemic produced a perfect storm.

Attacks of all types rose in both number and sophistication. Ransomware attacks were up 150% in 2020 and have only grown more prevalent in 2021. Ransom demands have risen alongside them: the five- and six-figure amounts of a few years ago have given way, in 2021, to demands in the tens of millions of dollars.

The migration back into the office may cause another uptick in attacks as well, as hackers try to profit from yet another workplace disruption.

Ransomware attacks are costly, and reputational harm is among the most damaging effects. The direct costs are often substantial, especially when sensitive business information is exfiltrated, and the legal costs are frequently compounded by regulatory enforcement actions or class action litigation, particularly once notification obligations make the breach public.

Is your company ready?

Here are seven key steps you can take now to reduce the risk of falling victim:

1: Review the Company’s Cyber Policies and Incident Response Plan

Have a written plan that sets out exactly what role each employee will play in the event of a breach, including involving legal counsel early in the process to preserve attorney-client privilege. Rehearse it often, with tabletop exercises, so the team develops “muscle memory.” Keep a paper or other offline copy, including contact details for counsel, the insurer and the forensic firm, because the attack may take down the email and file systems the plan normally lives on.

2: Review Cyber Insurance and Ransom Coverage

Policies have changed considerably, and 2021 has brought unprecedented levels of ransom demands. Be sure that your policy covers ransom payments and that the coverage limit is adequate in light of recent demands. Check as well what the policy requires of you before a payment is made; many require the insurer’s consent and the use of approved vendors, and a misstep here can jeopardize coverage.

3: Establish Secure Communication Channel for Senior Management

Have an out-of-band channel set up in advance, such as a group on an end-to-end encrypted messaging app, on devices that do not depend on company email, single sign-on or the corporate network. Ordinary text messages and company email are not a sufficiently secure alternative if a threat actor has taken control of company systems, since the attacker may be reading them.

4: Assess Key Vendor/Suppliers

Vendor and supplier cyberattacks have also garnered headlines. Your company is only as strong as its weakest vendor. Assess and audit any key vendor or supplier, particularly those with access to your network or whose software you install, so that they do not become the trojan horse through which malware is launched.

5: MFA On All Accounts/Service Accounts

It is critical to implement multifactor authentication on all company accounts, including service and social media accounts, and above all on remote access (VPN, remote desktop) and email, which are the common entry points for ransomware. Note that service accounts, which authenticate programmatically, usually cannot answer an MFA prompt; for those, inventory them, replace long-lived credentials with short-lived ones, rotate any keys that remain, and restrict where they may be used from.
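As an added example (not code from the article or its author), the following Python script audits an AWS IAM credential report for accounts that lack MFA and separates out the service accounts that need compensating controls instead. The CSV layout follows what `aws iam get-credential-report` returns once its base64 `Content` field is decoded; the rows, the account ID, the user names and the 90-day key-rotation threshold are constructed for illustration.

```python
"""Audit an AWS IAM credential report for accounts without MFA.

Constructed example for this article, not code from the author or AWS.
The column names match the IAM credential report; the sample rows,
account ID and user names below are made up.
"""
import csv
import io
from datetime import datetime

# Constructed sample, trimmed to the columns this audit needs.
SAMPLE_REPORT = """\
user,arn,password_enabled,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_2_active,access_key_2_last_rotated
<root_account>,arn:aws:iam::111122223333:root,not_supported,true,false,N/A,false,N/A
alice,arn:aws:iam::111122223333:user/alice,true,true,false,N/A,false,N/A
bob,arn:aws:iam::111122223333:user/bob,true,false,true,2021-01-15T10:00:00+00:00,false,N/A
backup-svc,arn:aws:iam::111122223333:user/backup-svc,false,false,true,2019-06-01T00:00:00+00:00,false,N/A
ci-deploy,arn:aws:iam::111122223333:user/ci-deploy,false,false,true,2021-05-20T00:00:00+00:00,true,2021-06-01T00:00:00+00:00
"""

# Assumed rotation policy and audit date (not from the article); the fixed
# date keeps the sample's results stable.
MAX_KEY_AGE_DAYS = 90
REPORT_DATE = "2021-08-15T00:00:00+00:00"


def parse_report(text):
    """Parse credential-report CSV text into a list of row dicts."""
    return list(csv.DictReader(io.StringIO(text)))


def _key_age_days(rotated, now):
    """Days since an access key was rotated; None when the slot is empty."""
    if rotated in ("N/A", "", "no_information"):
        return None
    return (now - datetime.fromisoformat(rotated)).days


def audit_mfa(rows, now):
    """Return users without MFA, service accounts, and stale access keys."""
    findings = {"console_without_mfa": [], "service_accounts": [], "stale_keys": []}
    for row in rows:
        user = row["user"]
        # Root reports password_enabled as "not_supported" but always has one.
        console = row["password_enabled"] in ("true", "not_supported")
        mfa = row["mfa_active"] == "true"
        active_slots = [n for n in (1, 2) if row[f"access_key_{n}_active"] == "true"]

        # Anyone who can sign in interactively must have MFA.
        if console and not mfa:
            findings["console_without_mfa"].append(user)
        # No password plus active keys means a programmatic identity. MFA
        # cannot be prompted here, so it needs other controls (short-lived
        # credentials, key rotation, source restrictions).
        if not console and active_slots:
            findings["service_accounts"].append(user)
        for n in active_slots:
            age = _key_age_days(row[f"access_key_{n}_last_rotated"], now)
            if age is not None and age > MAX_KEY_AGE_DAYS:
                findings["stale_keys"].append((user, n, age))
    return findings


def run_sample():
    """Audit the constructed sample as of REPORT_DATE."""
    return audit_mfa(parse_report(SAMPLE_REPORT), datetime.fromisoformat(REPORT_DATE))


if __name__ == "__main__":
    for category, items in run_sample().items():
        print(f"{category}: {items}")
```

Against a real account, run `aws iam generate-credential-report`, then `aws iam get-credential-report --query Content --output text | base64 -d` to obtain the CSV and pass it to `parse_report`. The point of the three buckets is that "MFA everywhere" produces two different work lists: interactive users to enroll, and service accounts where MFA is not the available control and credential hygiene is.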

6: Assess Need for Threat Hunt

Consider bringing in a third-party forensic firm to conduct a “threat hunt”: a proactive search of endpoints, logs and identity systems for signs that an attacker is already inside. Ransomware operators commonly sit in a network for days or weeks, stealing data and spreading, before they encrypt anything, so a hunt can catch an intrusion before it becomes a ransom demand.

7: Robust employee training/education

With phishing email volume reported to have risen more than 35-fold once Covid hit, training employees to recognize these messages, and to report them quickly rather than ignore them, is more important than ever.

As the saying goes, it is not a question of “if,” it is a question of “when.” While cybersecurity risk can never be eliminated, taking these steps today can reduce the risk to your company and the damage when an attack does come.

Brenda R. Sharton, partner and co-chair of Dechert’s global privacy & cybersecurity practice

Brenda R. Sharton is a nationally recognized expert, pioneer and thought leader in the area of privacy and cybersecurity law.